
    125 vulnerabilities by vercel

    CVE-2026-8769 (GCVE-0-2026-8769)

    Vulnerability from nvd – Published: 2026-05-17 23:00 – Updated: 2026-05-18 20:13
    Title
    vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption
    Summary
    A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Resource Consumption
    • CWE-404 - Denial of Service
    Assigner
    VulDB
    References
    URL Tags
    https://vuldb.com/vuln/364394 vdb-entry, technical-description
    https://vuldb.com/vuln/364394/cti signature, permissions-required
    https://vuldb.com/submit/811406 third-party-advisory
    https://gist.github.com/YLChen-007/fb1096bc8428be… exploit
    Impacted products
    Vendor Product Version
    vercel ai Affected: 3.0.0 through 3.0.97 (every patch release in this range is listed individually as affected in the record below)
        cpe:2.3:a:vercel:ai:*:*:*:*:*:*:*:*
    Credits
    Reporter: Eric-f (VulDB User); Coordinator: VulDB CNA Team

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8769",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-18T20:12:31.099819Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-18T20:13:40.558Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:vercel:ai:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "provider-utils"
              ],
              "product": "ai",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.2"
                },
                {
                  "status": "affected",
                  "version": "3.0.3"
                },
                {
                  "status": "affected",
                  "version": "3.0.4"
                },
                {
                  "status": "affected",
                  "version": "3.0.5"
                },
                {
                  "status": "affected",
                  "version": "3.0.6"
                },
                {
                  "status": "affected",
                  "version": "3.0.7"
                },
                {
                  "status": "affected",
                  "version": "3.0.8"
                },
                {
                  "status": "affected",
                  "version": "3.0.9"
                },
                {
                  "status": "affected",
                  "version": "3.0.10"
                },
                {
                  "status": "affected",
                  "version": "3.0.11"
                },
                {
                  "status": "affected",
                  "version": "3.0.12"
                },
                {
                  "status": "affected",
                  "version": "3.0.13"
                },
                {
                  "status": "affected",
                  "version": "3.0.14"
                },
                {
                  "status": "affected",
                  "version": "3.0.15"
                },
                {
                  "status": "affected",
                  "version": "3.0.16"
                },
                {
                  "status": "affected",
                  "version": "3.0.17"
                },
                {
                  "status": "affected",
                  "version": "3.0.18"
                },
                {
                  "status": "affected",
                  "version": "3.0.19"
                },
                {
                  "status": "affected",
                  "version": "3.0.20"
                },
                {
                  "status": "affected",
                  "version": "3.0.21"
                },
                {
                  "status": "affected",
                  "version": "3.0.22"
                },
                {
                  "status": "affected",
                  "version": "3.0.23"
                },
                {
                  "status": "affected",
                  "version": "3.0.24"
                },
                {
                  "status": "affected",
                  "version": "3.0.25"
                },
                {
                  "status": "affected",
                  "version": "3.0.26"
                },
                {
                  "status": "affected",
                  "version": "3.0.27"
                },
                {
                  "status": "affected",
                  "version": "3.0.28"
                },
                {
                  "status": "affected",
                  "version": "3.0.29"
                },
                {
                  "status": "affected",
                  "version": "3.0.30"
                },
                {
                  "status": "affected",
                  "version": "3.0.31"
                },
                {
                  "status": "affected",
                  "version": "3.0.32"
                },
                {
                  "status": "affected",
                  "version": "3.0.33"
                },
                {
                  "status": "affected",
                  "version": "3.0.34"
                },
                {
                  "status": "affected",
                  "version": "3.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.36"
                },
                {
                  "status": "affected",
                  "version": "3.0.37"
                },
                {
                  "status": "affected",
                  "version": "3.0.38"
                },
                {
                  "status": "affected",
                  "version": "3.0.39"
                },
                {
                  "status": "affected",
                  "version": "3.0.40"
                },
                {
                  "status": "affected",
                  "version": "3.0.41"
                },
                {
                  "status": "affected",
                  "version": "3.0.42"
                },
                {
                  "status": "affected",
                  "version": "3.0.43"
                },
                {
                  "status": "affected",
                  "version": "3.0.44"
                },
                {
                  "status": "affected",
                  "version": "3.0.45"
                },
                {
                  "status": "affected",
                  "version": "3.0.46"
                },
                {
                  "status": "affected",
                  "version": "3.0.47"
                },
                {
                  "status": "affected",
                  "version": "3.0.48"
                },
                {
                  "status": "affected",
                  "version": "3.0.49"
                },
                {
                  "status": "affected",
                  "version": "3.0.50"
                },
                {
                  "status": "affected",
                  "version": "3.0.51"
                },
                {
                  "status": "affected",
                  "version": "3.0.52"
                },
                {
                  "status": "affected",
                  "version": "3.0.53"
                },
                {
                  "status": "affected",
                  "version": "3.0.54"
                },
                {
                  "status": "affected",
                  "version": "3.0.55"
                },
                {
                  "status": "affected",
                  "version": "3.0.56"
                },
                {
                  "status": "affected",
                  "version": "3.0.57"
                },
                {
                  "status": "affected",
                  "version": "3.0.58"
                },
                {
                  "status": "affected",
                  "version": "3.0.59"
                },
                {
                  "status": "affected",
                  "version": "3.0.60"
                },
                {
                  "status": "affected",
                  "version": "3.0.61"
                },
                {
                  "status": "affected",
                  "version": "3.0.62"
                },
                {
                  "status": "affected",
                  "version": "3.0.63"
                },
                {
                  "status": "affected",
                  "version": "3.0.64"
                },
                {
                  "status": "affected",
                  "version": "3.0.65"
                },
                {
                  "status": "affected",
                  "version": "3.0.66"
                },
                {
                  "status": "affected",
                  "version": "3.0.67"
                },
                {
                  "status": "affected",
                  "version": "3.0.68"
                },
                {
                  "status": "affected",
                  "version": "3.0.69"
                },
                {
                  "status": "affected",
                  "version": "3.0.70"
                },
                {
                  "status": "affected",
                  "version": "3.0.71"
                },
                {
                  "status": "affected",
                  "version": "3.0.72"
                },
                {
                  "status": "affected",
                  "version": "3.0.73"
                },
                {
                  "status": "affected",
                  "version": "3.0.74"
                },
                {
                  "status": "affected",
                  "version": "3.0.75"
                },
                {
                  "status": "affected",
                  "version": "3.0.76"
                },
                {
                  "status": "affected",
                  "version": "3.0.77"
                },
                {
                  "status": "affected",
                  "version": "3.0.78"
                },
                {
                  "status": "affected",
                  "version": "3.0.79"
                },
                {
                  "status": "affected",
                  "version": "3.0.80"
                },
                {
                  "status": "affected",
                  "version": "3.0.81"
                },
                {
                  "status": "affected",
                  "version": "3.0.82"
                },
                {
                  "status": "affected",
                  "version": "3.0.83"
                },
                {
                  "status": "affected",
                  "version": "3.0.84"
                },
                {
                  "status": "affected",
                  "version": "3.0.85"
                },
                {
                  "status": "affected",
                  "version": "3.0.86"
                },
                {
                  "status": "affected",
                  "version": "3.0.87"
                },
                {
                  "status": "affected",
                  "version": "3.0.88"
                },
                {
                  "status": "affected",
                  "version": "3.0.89"
                },
                {
                  "status": "affected",
                  "version": "3.0.90"
                },
                {
                  "status": "affected",
                  "version": "3.0.91"
                },
                {
                  "status": "affected",
                  "version": "3.0.92"
                },
                {
                  "status": "affected",
                  "version": "3.0.93"
                },
                {
                  "status": "affected",
                  "version": "3.0.94"
                },
                {
                  "status": "affected",
                  "version": "3.0.95"
                },
                {
                  "status": "affected",
                  "version": "3.0.96"
                },
                {
                  "status": "affected",
                  "version": "3.0.97"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Eric-f (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4,
                "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-17T23:00:13.988Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-364394 | vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/364394"
            },
            {
              "name": "VDB-364394 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/364394/cti"
            },
            {
              "name": "Submit #811406 | vercel ai @ai-sdk/amazon-bedrock@3.0.97 Uncontrolled Resource Consumption (CWE-400)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/811406"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gist.github.com/YLChen-007/fb1096bc8428bed9a428f764d9d103bb"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-05-17T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-05-17T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-05-17T11:33:28.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-8769",
        "datePublished": "2026-05-17T23:00:13.988Z",
        "dateReserved": "2026-05-17T09:28:09.002Z",
        "dateUpdated": "2026-05-18T20:13:40.558Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8768 (GCVE-0-2026-8768)

    Vulnerability from nvd – Published: 2026-05-17 22:45 – Updated: 2026-05-18 10:41
    Title
    vercel ai provider-utils download-blob.ts validateDownloadUrl server-side request forgery
    Summary
    A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the component provider-utils. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery
    Assigner
    VulDB
    References
    Impacted products
    Vendor Product Version
    vercel ai Affected: 3.0.0 through 3.0.97 (every patch release in this range is listed individually as affected in the record below)
        cpe:2.3:a:vercel:ai:*:*:*:*:*:*:*:*
    Credits
    Reporter: Eric-f (VulDB User); Coordinator: VulDB CNA Team

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8768",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-18T10:28:23.079110Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-18T10:41:00.465Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:vercel:ai:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "provider-utils"
              ],
              "product": "ai",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.2"
                },
                {
                  "status": "affected",
                  "version": "3.0.3"
                },
                {
                  "status": "affected",
                  "version": "3.0.4"
                },
                {
                  "status": "affected",
                  "version": "3.0.5"
                },
                {
                  "status": "affected",
                  "version": "3.0.6"
                },
                {
                  "status": "affected",
                  "version": "3.0.7"
                },
                {
                  "status": "affected",
                  "version": "3.0.8"
                },
                {
                  "status": "affected",
                  "version": "3.0.9"
                },
                {
                  "status": "affected",
                  "version": "3.0.10"
                },
                {
                  "status": "affected",
                  "version": "3.0.11"
                },
                {
                  "status": "affected",
                  "version": "3.0.12"
                },
                {
                  "status": "affected",
                  "version": "3.0.13"
                },
                {
                  "status": "affected",
                  "version": "3.0.14"
                },
                {
                  "status": "affected",
                  "version": "3.0.15"
                },
                {
                  "status": "affected",
                  "version": "3.0.16"
                },
                {
                  "status": "affected",
                  "version": "3.0.17"
                },
                {
                  "status": "affected",
                  "version": "3.0.18"
                },
                {
                  "status": "affected",
                  "version": "3.0.19"
                },
                {
                  "status": "affected",
                  "version": "3.0.20"
                },
                {
                  "status": "affected",
                  "version": "3.0.21"
                },
                {
                  "status": "affected",
                  "version": "3.0.22"
                },
                {
                  "status": "affected",
                  "version": "3.0.23"
                },
                {
                  "status": "affected",
                  "version": "3.0.24"
                },
                {
                  "status": "affected",
                  "version": "3.0.25"
                },
                {
                  "status": "affected",
                  "version": "3.0.26"
                },
                {
                  "status": "affected",
                  "version": "3.0.27"
                },
                {
                  "status": "affected",
                  "version": "3.0.28"
                },
                {
                  "status": "affected",
                  "version": "3.0.29"
                },
                {
                  "status": "affected",
                  "version": "3.0.30"
                },
                {
                  "status": "affected",
                  "version": "3.0.31"
                },
                {
                  "status": "affected",
                  "version": "3.0.32"
                },
                {
                  "status": "affected",
                  "version": "3.0.33"
                },
                {
                  "status": "affected",
                  "version": "3.0.34"
                },
                {
                  "status": "affected",
                  "version": "3.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.36"
                },
                {
                  "status": "affected",
                  "version": "3.0.37"
                },
                {
                  "status": "affected",
                  "version": "3.0.38"
                },
                {
                  "status": "affected",
                  "version": "3.0.39"
                },
                {
                  "status": "affected",
                  "version": "3.0.40"
                },
                {
                  "status": "affected",
                  "version": "3.0.41"
                },
                {
                  "status": "affected",
                  "version": "3.0.42"
                },
                {
                  "status": "affected",
                  "version": "3.0.43"
                },
                {
                  "status": "affected",
                  "version": "3.0.44"
                },
                {
                  "status": "affected",
                  "version": "3.0.45"
                },
                {
                  "status": "affected",
                  "version": "3.0.46"
                },
                {
                  "status": "affected",
                  "version": "3.0.47"
                },
                {
                  "status": "affected",
                  "version": "3.0.48"
                },
                {
                  "status": "affected",
                  "version": "3.0.49"
                },
                {
                  "status": "affected",
                  "version": "3.0.50"
                },
                {
                  "status": "affected",
                  "version": "3.0.51"
                },
                {
                  "status": "affected",
                  "version": "3.0.52"
                },
                {
                  "status": "affected",
                  "version": "3.0.53"
                },
                {
                  "status": "affected",
                  "version": "3.0.54"
                },
                {
                  "status": "affected",
                  "version": "3.0.55"
                },
                {
                  "status": "affected",
                  "version": "3.0.56"
                },
                {
                  "status": "affected",
                  "version": "3.0.57"
                },
                {
                  "status": "affected",
                  "version": "3.0.58"
                },
                {
                  "status": "affected",
                  "version": "3.0.59"
                },
                {
                  "status": "affected",
                  "version": "3.0.60"
                },
                {
                  "status": "affected",
                  "version": "3.0.61"
                },
                {
                  "status": "affected",
                  "version": "3.0.62"
                },
                {
                  "status": "affected",
                  "version": "3.0.63"
                },
                {
                  "status": "affected",
                  "version": "3.0.64"
                },
                {
                  "status": "affected",
                  "version": "3.0.65"
                },
                {
                  "status": "affected",
                  "version": "3.0.66"
                },
                {
                  "status": "affected",
                  "version": "3.0.67"
                },
                {
                  "status": "affected",
                  "version": "3.0.68"
                },
                {
                  "status": "affected",
                  "version": "3.0.69"
                },
                {
                  "status": "affected",
                  "version": "3.0.70"
                },
                {
                  "status": "affected",
                  "version": "3.0.71"
                },
                {
                  "status": "affected",
                  "version": "3.0.72"
                },
                {
                  "status": "affected",
                  "version": "3.0.73"
                },
                {
                  "status": "affected",
                  "version": "3.0.74"
                },
                {
                  "status": "affected",
                  "version": "3.0.75"
                },
                {
                  "status": "affected",
                  "version": "3.0.76"
                },
                {
                  "status": "affected",
                  "version": "3.0.77"
                },
                {
                  "status": "affected",
                  "version": "3.0.78"
                },
                {
                  "status": "affected",
                  "version": "3.0.79"
                },
                {
                  "status": "affected",
                  "version": "3.0.80"
                },
                {
                  "status": "affected",
                  "version": "3.0.81"
                },
                {
                  "status": "affected",
                  "version": "3.0.82"
                },
                {
                  "status": "affected",
                  "version": "3.0.83"
                },
                {
                  "status": "affected",
                  "version": "3.0.84"
                },
                {
                  "status": "affected",
                  "version": "3.0.85"
                },
                {
                  "status": "affected",
                  "version": "3.0.86"
                },
                {
                  "status": "affected",
                  "version": "3.0.87"
                },
                {
                  "status": "affected",
                  "version": "3.0.88"
                },
                {
                  "status": "affected",
                  "version": "3.0.89"
                },
                {
                  "status": "affected",
                  "version": "3.0.90"
                },
                {
                  "status": "affected",
                  "version": "3.0.91"
                },
                {
                  "status": "affected",
                  "version": "3.0.92"
                },
                {
                  "status": "affected",
                  "version": "3.0.93"
                },
                {
                  "status": "affected",
                  "version": "3.0.94"
                },
                {
                  "status": "affected",
                  "version": "3.0.95"
                },
                {
                  "status": "affected",
                  "version": "3.0.96"
                },
                {
                  "status": "affected",
                  "version": "3.0.97"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Eric-f (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the component provider-utils. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-17T22:45:09.929Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-364393 | vercel ai provider-utils download-blob.ts validateDownloadUrl server-side request forgery",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/364393"
            },
            {
              "name": "VDB-364393 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/364393/cti"
            },
            {
              "name": "Submit #811404 | vercel ai @ai-sdk/amazon-bedrock@3.0.97 Server-Side Request Forgery (SSRF) (CWE-918)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/811404"
            },
            {
              "name": "Submit #811405 | vercel ai @ai-sdk/amazon-bedrock@3.0.97 Server-Side Request Forgery (SSRF) (CWE-918) (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/811405"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://gist.github.com/YLChen-007/07d149bd68adbee58165b4207a2abc71"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gist.github.com/YLChen-007/cf7e47e4dda392f474ca77a66d1d847f"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-05-17T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-05-17T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-05-17T11:33:13.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vercel ai provider-utils download-blob.ts validateDownloadUrl server-side request forgery"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-8768",
        "datePublished": "2026-05-17T22:45:09.929Z",
        "dateReserved": "2026-05-17T09:28:06.447Z",
        "dateUpdated": "2026-05-18T10:41:00.465Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8767 (GCVE-0-2026-8767)

    Vulnerability from nvd – Published: 2026-05-17 22:30 – Updated: 2026-05-18 14:30
    VLAI
    Title
    vercel ai PR Branch Name Interpolation prettier-on-automerge.yml run os command injection
    Summary
    A vulnerability has been found in vercel ai up to 3.0.97. Impacted is the function run of the file .github/workflows/prettier-on-automerge.yml of the component PR Branch Name Interpolation. The manipulation leads to os command injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/364392 vdb-entry, technical-description
    https://vuldb.com/vuln/364392/cti signature, permissions-required
    https://vuldb.com/submit/811402 third-party-advisory
    https://gist.github.com/YLChen-007/870bd6966cd847… exploit
    Impacted products
    Vendor Product Version
    vercel ai Affected: 3.0.0
    Affected: 3.0.1
    Affected: 3.0.2
    Affected: 3.0.3
    Affected: 3.0.4
    Affected: 3.0.5
    Affected: 3.0.6
    Affected: 3.0.7
    Affected: 3.0.8
    Affected: 3.0.9
    Affected: 3.0.10
    Affected: 3.0.11
    Affected: 3.0.12
    Affected: 3.0.13
    Affected: 3.0.14
    Affected: 3.0.15
    Affected: 3.0.16
    Affected: 3.0.17
    Affected: 3.0.18
    Affected: 3.0.19
    Affected: 3.0.20
    Affected: 3.0.21
    Affected: 3.0.22
    Affected: 3.0.23
    Affected: 3.0.24
    Affected: 3.0.25
    Affected: 3.0.26
    Affected: 3.0.27
    Affected: 3.0.28
    Affected: 3.0.29
    Affected: 3.0.30
    Affected: 3.0.31
    Affected: 3.0.32
    Affected: 3.0.33
    Affected: 3.0.34
    Affected: 3.0.35
    Affected: 3.0.36
    Affected: 3.0.37
    Affected: 3.0.38
    Affected: 3.0.39
    Affected: 3.0.40
    Affected: 3.0.41
    Affected: 3.0.42
    Affected: 3.0.43
    Affected: 3.0.44
    Affected: 3.0.45
    Affected: 3.0.46
    Affected: 3.0.47
    Affected: 3.0.48
    Affected: 3.0.49
    Affected: 3.0.50
    Affected: 3.0.51
    Affected: 3.0.52
    Affected: 3.0.53
    Affected: 3.0.54
    Affected: 3.0.55
    Affected: 3.0.56
    Affected: 3.0.57
    Affected: 3.0.58
    Affected: 3.0.59
    Affected: 3.0.60
    Affected: 3.0.61
    Affected: 3.0.62
    Affected: 3.0.63
    Affected: 3.0.64
    Affected: 3.0.65
    Affected: 3.0.66
    Affected: 3.0.67
    Affected: 3.0.68
    Affected: 3.0.69
    Affected: 3.0.70
    Affected: 3.0.71
    Affected: 3.0.72
    Affected: 3.0.73
    Affected: 3.0.74
    Affected: 3.0.75
    Affected: 3.0.76
    Affected: 3.0.77
    Affected: 3.0.78
    Affected: 3.0.79
    Affected: 3.0.80
    Affected: 3.0.81
    Affected: 3.0.82
    Affected: 3.0.83
    Affected: 3.0.84
    Affected: 3.0.85
    Affected: 3.0.86
    Affected: 3.0.87
    Affected: 3.0.88
    Affected: 3.0.89
    Affected: 3.0.90
    Affected: 3.0.91
    Affected: 3.0.92
    Affected: 3.0.93
    Affected: 3.0.94
    Affected: 3.0.95
    Affected: 3.0.96
    Affected: 3.0.97
        cpe:2.3:a:vercel:ai:*:*:*:*:*:*:*:*
    Credits
    Eric-d (VulDB User) VulDB CNA Team

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8767",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-18T14:30:43.479216Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-18T14:30:55.942Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:vercel:ai:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "PR Branch Name Interpolation"
              ],
              "product": "ai",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.2"
                },
                {
                  "status": "affected",
                  "version": "3.0.3"
                },
                {
                  "status": "affected",
                  "version": "3.0.4"
                },
                {
                  "status": "affected",
                  "version": "3.0.5"
                },
                {
                  "status": "affected",
                  "version": "3.0.6"
                },
                {
                  "status": "affected",
                  "version": "3.0.7"
                },
                {
                  "status": "affected",
                  "version": "3.0.8"
                },
                {
                  "status": "affected",
                  "version": "3.0.9"
                },
                {
                  "status": "affected",
                  "version": "3.0.10"
                },
                {
                  "status": "affected",
                  "version": "3.0.11"
                },
                {
                  "status": "affected",
                  "version": "3.0.12"
                },
                {
                  "status": "affected",
                  "version": "3.0.13"
                },
                {
                  "status": "affected",
                  "version": "3.0.14"
                },
                {
                  "status": "affected",
                  "version": "3.0.15"
                },
                {
                  "status": "affected",
                  "version": "3.0.16"
                },
                {
                  "status": "affected",
                  "version": "3.0.17"
                },
                {
                  "status": "affected",
                  "version": "3.0.18"
                },
                {
                  "status": "affected",
                  "version": "3.0.19"
                },
                {
                  "status": "affected",
                  "version": "3.0.20"
                },
                {
                  "status": "affected",
                  "version": "3.0.21"
                },
                {
                  "status": "affected",
                  "version": "3.0.22"
                },
                {
                  "status": "affected",
                  "version": "3.0.23"
                },
                {
                  "status": "affected",
                  "version": "3.0.24"
                },
                {
                  "status": "affected",
                  "version": "3.0.25"
                },
                {
                  "status": "affected",
                  "version": "3.0.26"
                },
                {
                  "status": "affected",
                  "version": "3.0.27"
                },
                {
                  "status": "affected",
                  "version": "3.0.28"
                },
                {
                  "status": "affected",
                  "version": "3.0.29"
                },
                {
                  "status": "affected",
                  "version": "3.0.30"
                },
                {
                  "status": "affected",
                  "version": "3.0.31"
                },
                {
                  "status": "affected",
                  "version": "3.0.32"
                },
                {
                  "status": "affected",
                  "version": "3.0.33"
                },
                {
                  "status": "affected",
                  "version": "3.0.34"
                },
                {
                  "status": "affected",
                  "version": "3.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.36"
                },
                {
                  "status": "affected",
                  "version": "3.0.37"
                },
                {
                  "status": "affected",
                  "version": "3.0.38"
                },
                {
                  "status": "affected",
                  "version": "3.0.39"
                },
                {
                  "status": "affected",
                  "version": "3.0.40"
                },
                {
                  "status": "affected",
                  "version": "3.0.41"
                },
                {
                  "status": "affected",
                  "version": "3.0.42"
                },
                {
                  "status": "affected",
                  "version": "3.0.43"
                },
                {
                  "status": "affected",
                  "version": "3.0.44"
                },
                {
                  "status": "affected",
                  "version": "3.0.45"
                },
                {
                  "status": "affected",
                  "version": "3.0.46"
                },
                {
                  "status": "affected",
                  "version": "3.0.47"
                },
                {
                  "status": "affected",
                  "version": "3.0.48"
                },
                {
                  "status": "affected",
                  "version": "3.0.49"
                },
                {
                  "status": "affected",
                  "version": "3.0.50"
                },
                {
                  "status": "affected",
                  "version": "3.0.51"
                },
                {
                  "status": "affected",
                  "version": "3.0.52"
                },
                {
                  "status": "affected",
                  "version": "3.0.53"
                },
                {
                  "status": "affected",
                  "version": "3.0.54"
                },
                {
                  "status": "affected",
                  "version": "3.0.55"
                },
                {
                  "status": "affected",
                  "version": "3.0.56"
                },
                {
                  "status": "affected",
                  "version": "3.0.57"
                },
                {
                  "status": "affected",
                  "version": "3.0.58"
                },
                {
                  "status": "affected",
                  "version": "3.0.59"
                },
                {
                  "status": "affected",
                  "version": "3.0.60"
                },
                {
                  "status": "affected",
                  "version": "3.0.61"
                },
                {
                  "status": "affected",
                  "version": "3.0.62"
                },
                {
                  "status": "affected",
                  "version": "3.0.63"
                },
                {
                  "status": "affected",
                  "version": "3.0.64"
                },
                {
                  "status": "affected",
                  "version": "3.0.65"
                },
                {
                  "status": "affected",
                  "version": "3.0.66"
                },
                {
                  "status": "affected",
                  "version": "3.0.67"
                },
                {
                  "status": "affected",
                  "version": "3.0.68"
                },
                {
                  "status": "affected",
                  "version": "3.0.69"
                },
                {
                  "status": "affected",
                  "version": "3.0.70"
                },
                {
                  "status": "affected",
                  "version": "3.0.71"
                },
                {
                  "status": "affected",
                  "version": "3.0.72"
                },
                {
                  "status": "affected",
                  "version": "3.0.73"
                },
                {
                  "status": "affected",
                  "version": "3.0.74"
                },
                {
                  "status": "affected",
                  "version": "3.0.75"
                },
                {
                  "status": "affected",
                  "version": "3.0.76"
                },
                {
                  "status": "affected",
                  "version": "3.0.77"
                },
                {
                  "status": "affected",
                  "version": "3.0.78"
                },
                {
                  "status": "affected",
                  "version": "3.0.79"
                },
                {
                  "status": "affected",
                  "version": "3.0.80"
                },
                {
                  "status": "affected",
                  "version": "3.0.81"
                },
                {
                  "status": "affected",
                  "version": "3.0.82"
                },
                {
                  "status": "affected",
                  "version": "3.0.83"
                },
                {
                  "status": "affected",
                  "version": "3.0.84"
                },
                {
                  "status": "affected",
                  "version": "3.0.85"
                },
                {
                  "status": "affected",
                  "version": "3.0.86"
                },
                {
                  "status": "affected",
                  "version": "3.0.87"
                },
                {
                  "status": "affected",
                  "version": "3.0.88"
                },
                {
                  "status": "affected",
                  "version": "3.0.89"
                },
                {
                  "status": "affected",
                  "version": "3.0.90"
                },
                {
                  "status": "affected",
                  "version": "3.0.91"
                },
                {
                  "status": "affected",
                  "version": "3.0.92"
                },
                {
                  "status": "affected",
                  "version": "3.0.93"
                },
                {
                  "status": "affected",
                  "version": "3.0.94"
                },
                {
                  "status": "affected",
                  "version": "3.0.95"
                },
                {
                  "status": "affected",
                  "version": "3.0.96"
                },
                {
                  "status": "affected",
                  "version": "3.0.97"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Eric-d (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in vercel ai up to 3.0.97. Impacted is the function run of the file .github/workflows/prettier-on-automerge.yml of the component PR Branch Name Interpolation. The manipulation leads to os command injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-17T22:30:09.659Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-364392 | vercel ai PR Branch Name Interpolation prettier-on-automerge.yml run os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/364392"
            },
            {
              "name": "VDB-364392 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/364392/cti"
            },
            {
              "name": "Submit #811402 | vercel ai @ai-sdk/amazon-bedrock@3.0.97 OS Command Injection (CWE-78)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/811402"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gist.github.com/YLChen-007/870bd6966cd84703d91ce54dfea3bdd0"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-05-17T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-05-17T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-05-17T11:33:11.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vercel ai PR Branch Name Interpolation prettier-on-automerge.yml run os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-8767",
        "datePublished": "2026-05-17T22:30:09.659Z",
        "dateReserved": "2026-05-17T09:28:03.647Z",
        "dateUpdated": "2026-05-18T14:30:55.942Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-46508 (GCVE-0-2026-46508)

    Vulnerability from nvd – Published: 2026-05-15 15:50 – Updated: 2026-05-15 18:05
    VLAI
    Title
    Turborepo: VSCode Extension command injection
    Summary
    Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14000, the Turborepo LSP VS Code extension could execute shell commands derived from workspace-controlled values. The extension used string-based command execution for Turborepo daemon commands and task runs. A malicious workspace could provide crafted values through workspace settings or task names in the repository's source code that were interpolated into shell commands. When the extension activated or when a user ran a task through the extension, those values could be interpreted by the user's shell, allowing arbitrary command execution with the privileges of the local VS Code process. This vulnerability is fixed in 2.9.14000.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel turborepo Affected: < 2.9.14000

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-46508",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T18:01:21.787180Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T18:05:01.165Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "turborepo",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.9.14000"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14000, the Turborepo LSP VS Code extension could execute shell commands derived from workspace-controlled values. The extension used string-based command execution for Turborepo daemon commands and task runs. A malicious workspace could provide crafted values through workspace settings or task names in the repository\u0027s source code that were interpolated into shell commands. When the extension activated or when a user ran a task through the extension, those values could be interpreted by the user\u0027s shell, allowing arbitrary command execution with the privileges of the local VS Code process. This vulnerability is fixed in 2.9.14000."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T15:50:24.694Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/turborepo/security/advisories/GHSA-5xc8-49mv-x4mm",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/turborepo/security/advisories/GHSA-5xc8-49mv-x4mm"
            }
          ],
          "source": {
            "advisory": "GHSA-5xc8-49mv-x4mm",
            "discovery": "UNKNOWN"
          },
          "title": "Turborepo: VSCode Extension command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-46508",
        "datePublished": "2026-05-15T15:50:24.694Z",
        "dateReserved": "2026-05-14T19:12:32.754Z",
        "dateUpdated": "2026-05-15T18:05:01.165Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-45773 (GCVE-0-2026-45773)

    Vulnerability from nvd – Published: 2026-05-15 15:51 – Updated: 2026-05-15 16:45
    VLAI
    Title
    Turborepo: Login callback CSRF/session fixation
    Summary
    Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14, Turborepo's self-hosted login and SSO browser flows did not validate a CSRF state value on the localhost callback. While the CLI was waiting for authentication, a malicious web page could send a request to the local callback server with an attacker-controlled token. If accepted before the legitimate callback, the CLI could complete login with the wrong credentials. This affects users authenticating the turbo CLI against self-hosted remote cache/auth endpoints. Vercel-hosted login flows using device authorization are not affected. This vulnerability is fixed in 2.9.14.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-352 - Cross-Site Request Forgery (CSRF)
    • CWE-384 - Session Fixation
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel turborepo Affected: < 2.9.14

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45773",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T16:44:57.841414Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T16:45:06.076Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "turborepo",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.9.14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14, Turborepo\u0027s self-hosted login and SSO browser flows did not validate a CSRF state value on the localhost callback. While the CLI was waiting for authentication, a malicious web page could send a request to the local callback server with an attacker-controlled token. If accepted before the legitimate callback, the CLI could complete login with the wrong credentials. This affects users authenticating the turbo CLI against self-hosted remote cache/auth endpoints. Vercel-hosted login flows using device authorization are not affected. This vulnerability is fixed in 2.9.14."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:H/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352: Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-384",
                  "description": "CWE-384: Session Fixation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T15:51:38.066Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/turborepo/security/advisories/GHSA-hcf7-66rw-9f5r",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/turborepo/security/advisories/GHSA-hcf7-66rw-9f5r"
            }
          ],
          "source": {
            "advisory": "GHSA-hcf7-66rw-9f5r",
            "discovery": "UNKNOWN"
          },
          "title": "Turborepo: Login callback CSRF/session fixation"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-45773",
        "datePublished": "2026-05-15T15:51:38.066Z",
        "dateReserved": "2026-05-13T07:45:21.251Z",
        "dateUpdated": "2026-05-15T16:45:06.076Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-45772 (GCVE-0-2026-45772)

    Vulnerability from nvd – Published: 2026-05-15 15:45 – Updated: 2026-05-15 17:54
    VLAI
    Title
    Turborepo: Unexpected local code execution during Yarn Berry detection
    Summary
    Turborepo is a high-performance build system for JavaScript and TypeScript codebases. From 1.1.0 to before 2.9.14, Turborepo can be vulnerable to arbitrary code execution when run in untrusted repositories that contain malicious Yarn configuration. In affected versions, package manager detection executed yarn --version from the project directory, which could cause Yarn to load and execute a project-controlled yarnPath from .yarnrc.yml. An attacker who controls repository contents could cause code execution when a user or CI system runs affected turbo, @turbo/codemod, or @turbo/workspace conversion commands. This vulnerability is fixed in 2.9.14.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel turborepo Affected: >= 1.1.0, < 2.9.14
    @turbo codemod Affected: >= 2.3.4, < 2.9.14
    @turbo workspaces Affected: >= 2.3.4, < 2.9.14

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45772",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T17:53:36.882524Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T17:54:06.401Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "turborepo",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.1.0, \u003c 2.9.14"
                }
              ]
            },
            {
              "product": "codemod",
              "vendor": "@turbo",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.3.4, \u003c 2.9.14"
                }
              ]
            },
            {
              "product": "workspaces",
              "vendor": "@turbo",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.3.4, \u003c 2.9.14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Turborepo is a high-performance build system for JavaScript and TypeScript codebases. From 1.1.0 to before 2.9.14, Turborepo can be vulnerable to arbitrary code execution when run in untrusted repositories that contain malicious Yarn configuration. In affected versions, package manager detection executed yarn --version from the project directory, which could cause Yarn to load and execute a project-controlled yarnPath from .yarnrc.yml. An attacker who controls repository contents could cause code execution when a user or CI system runs affected turbo, @turbo/codemod, or @turbo/workspace conversion commands. This vulnerability is fixed in 2.9.14."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-426",
                  "description": "CWE-426: Untrusted Search Path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T15:47:12.753Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/turborepo/security/advisories/GHSA-3qcw-2rhx-2726",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/turborepo/security/advisories/GHSA-3qcw-2rhx-2726"
            }
          ],
          "source": {
            "advisory": "GHSA-3qcw-2rhx-2726",
            "discovery": "UNKNOWN"
          },
          "title": "Turborepo: Unexpected local code execution during Yarn Berry detection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-45772",
        "datePublished": "2026-05-15T15:45:45.252Z",
        "dateReserved": "2026-05-13T07:45:21.251Z",
        "dateUpdated": "2026-05-15T17:54:06.401Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-45109 (GCVE-0-2026-45109)

    Vulnerability from nvd – Published: 2026-05-13 17:11 – Updated: 2026-07-03 12:04
    VLAI
    Title
    Next.js: Middleware / Proxy bypass in App Router applications via segment-prefetch routes
    Summary
    Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.18 and 16.2.6, it was found that the fix addressing CVE-2026-44575 did not apply to middleware.ts with Turbopack. This vulnerability is fixed in 15.5.18 and 16.2.6.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    • CWE-358 - Improperly Implemented Security Check for Standard
    Assigner
    Impacted products

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45109",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T18:39:20.946868Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-13T18:39:29.674Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Streams for Apache Kafka 2.9.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-13T17:11:07.275Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Next.js. A remote unauthenticated attacker could exploit a bypass in a security fix when using middleware.ts with Turbopack. This vulnerability could lead to the disclosure of sensitive information."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-358",
                    "description": "Improperly Implemented Security Check for Standard",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-03T12:04:46.079Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-45109"
              },
              {
                "name": "RHBZ#2477190",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477190"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-45109.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34608"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-13T18:01:23.402Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-13T17:11:07.275Z",
                "value": "Made public."
              }
            ],
            "title": "next.js: Next.js: Information disclosure via security fix bypass in middleware with Turbopack",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 15.2.0, \u003c 15.5.17"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.18 and 16.2.6, it was found that the fix addressing CVE-2026-44575 did not apply to middleware.ts with Turbopack. This vulnerability is fixed in 15.5.18 and 16.2.6."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:11:07.275Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6"
            }
          ],
          "source": {
            "advisory": "GHSA-26hh-7cqf-hhc6",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Middleware / Proxy bypass in App Router applications via segment-prefetch routes"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-45109",
        "datePublished": "2026-05-13T17:11:07.275Z",
        "dateReserved": "2026-05-08T19:27:26.699Z",
        "dateUpdated": "2026-07-03T12:04:46.079Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44582 (GCVE-0-2026-44582)

    Vulnerability from nvd – Published: 2026-05-13 17:08 – Updated: 2026-05-14 18:23
    VLAI
    Title
    Next.js: Cache poisoning via collisions in React Server Component cache-busting
    Summary
    Next.js is a React framework for building full-stack web applications. From 13.4.6 to before 15.5.16 and 16.2.5, React Server Component responses can be vulnerable to cache poisoning in deployments that rely on shared caches with insufficient response partitioning. In affected conditions, collisions in the _rsc cache-busting value can allow an attacker to poison cache entries so users receive the wrong response variant for a given URL. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel next.js Affected: >= 13.4.6, < 15.5.16
    Affected: >= 16.0.0, < 16.2.5

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44582",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-14T18:23:45.992881Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-14T18:23:52.729Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 13.4.6, \u003c 15.5.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 13.4.6 to before 15.5.16 and 16.2.5, React Server Component responses can be vulnerable to cache poisoning in deployments that rely on shared caches with insufficient response partitioning. In affected conditions, collisions in the _rsc cache-busting value can allow an attacker to poison cache entries so users receive the wrong response variant for a given URL. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-328",
                  "description": "CWE-328: Use of Weak Hash",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:08:22.240Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949"
            }
          ],
          "source": {
            "advisory": "GHSA-vfv6-92ff-j949",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Cache poisoning via collisions in React Server Component cache-busting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44582",
        "datePublished": "2026-05-13T17:08:22.240Z",
        "dateReserved": "2026-05-06T21:49:12.425Z",
        "dateUpdated": "2026-05-14T18:23:52.729Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44581 (GCVE-0-2026-44581)

    Vulnerability from nvd – Published: 2026-05-13 17:07 – Updated: 2026-05-18 14:13
    VLAI
    Title
    Next.js: Cross-site scripting in App Router applications using CSP nonces
    Summary
    Next.js is a React framework for building full-stack web applications. From 13.4.0 to before 15.5.16 and 16.2.5, App Router applications that rely on CSP nonces can be vulnerable to stored cross-site scripting when deployed behind shared caches. In affected versions, malformed nonce values derived from request headers could be reflected into rendered HTML in an unsafe way, allowing an attacker to poison cached responses and cause script execution for later visitors. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel next.js Affected: >= 13.4.0, < 15.5.16
    Affected: >= 16.0.0, < 16.2.5

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44581",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-18T14:12:36.531340Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-18T14:13:33.462Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 13.4.0, \u003c 15.5.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 13.4.0 to before 15.5.16 and 16.2.5, App Router applications that rely on CSP nonces can be vulnerable to stored cross-site scripting when deployed behind shared caches. In affected versions, malformed nonce values derived from request headers could be reflected into rendered HTML in an unsafe way, allowing an attacker to poison cached responses and cause script execution for later visitors. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:07:15.845Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q"
            }
          ],
          "source": {
            "advisory": "GHSA-ffhc-5mcf-pf4q",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Cross-site scripting in App Router applications using CSP nonces"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44581",
        "datePublished": "2026-05-13T17:07:15.845Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-05-18T14:13:33.462Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44580 (GCVE-0-2026-44580)

    Vulnerability from nvd – Published: 2026-05-13 17:06 – Updated: 2026-05-13 18:28
    VLAI
    Title
    Next.js: Cross-site scripting in beforeInteractive scripts with untrusted input
    Summary
    Next.js is a React framework for building full-stack web applications. From 13.0.0 to before 15.5.16 and 16.2.5, applications that use beforeInteractive scripts together with untrusted content can be vulnerable to cross-site scripting. In affected versions, serialized script content was not escaped safely before being embedded into the document, which could allow attacker-controlled input to break out of the intended script context and execute arbitrary JavaScript in a visitor's browser. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel next.js Affected: >= 13.0.0, < 15.5.16
    Affected: >= 16.0.0, < 16.2.5

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44580",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T18:28:00.345033Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-13T18:28:15.512Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 13.0.0, \u003c 15.5.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 13.0.0 to before 15.5.16 and 16.2.5, applications that use beforeInteractive scripts together with untrusted content can be vulnerable to cross-site scripting. In affected versions, serialized script content was not escaped safely before being embedded into the document, which could allow attacker-controlled input to break out of the intended script context and execute arbitrary JavaScript in a visitor\u0027s browser. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:06:05.772Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h"
            }
          ],
          "source": {
            "advisory": "GHSA-gx5p-jg67-6x7h",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Cross-site scripting in beforeInteractive scripts with untrusted input"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44580",
        "datePublished": "2026-05-13T17:06:05.772Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-05-13T18:28:15.512Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44579 (GCVE-0-2026-44579)

    Vulnerability from nvd – Published: 2026-05-13 17:04 – Updated: 2026-07-03 12:04
    VLAI
    Title
    Next.js: Denial of Service via connection exhaustion in applications using Cache Components
    Summary
    Next.js is a React framework for building full-stack web applications. From to before 15.5.16 and 16.2.5, applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST requests to a server action. In affected configurations, a malicious request can trigger a request-body handling deadlock that leaves connections open for an extended period, consuming file descriptors and server capacity until legitimate users are denied service. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    • CWE-833 - Deadlock
    Assigner
    Impacted products

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44579",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-14T15:33:46.047159Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-14T15:33:59.145Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Streams for Apache Kafka 2.9.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-13T17:04:28.388Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Next.js. Applications utilizing Partial Prerendering via the Cache Components feature are susceptible to connection exhaustion. A remote attacker can send crafted POST requests to a server action, triggering a request-body handling deadlock. This leaves connections open, consuming server resources and ultimately leading to a Denial of Service (DoS) for legitimate users."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-833",
                    "description": "Deadlock",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-03T12:04:46.673Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-44579"
              },
              {
                "name": "RHBZ#2477193",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477193"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44579.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34608"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-13T18:01:32.406Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-13T17:04:28.388Z",
                "value": "Made public."
              }
            ],
            "title": "next.js: Next.js: Denial of Service via crafted POST requests to server actions",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 15.0.0, \u003c 15.5.16"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From  to before 15.5.16 and 16.2.5, applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST requests to a server action. In affected configurations, a malicious request can trigger a request-body handling deadlock that leaves connections open for an extended period, consuming file descriptors and server capacity until legitimate users are denied service. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:04:28.388Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx"
            }
          ],
          "source": {
            "advisory": "GHSA-mg66-mrh9-m8jx",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Denial of Service via connection exhaustion in applications using Cache Components"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44579",
        "datePublished": "2026-05-13T17:04:28.388Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-07-03T12:04:46.673Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44578 (GCVE-0-2026-44578)

    Vulnerability from nvd – Published: 2026-05-13 17:01 – Updated: 2026-07-03 12:04
    VLAI
    Title
    Next.js: Server-side request forgery in applications using WebSocket upgrades
    Summary
    Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in Node.js server can be vulnerable to server-side request forgery through crafted WebSocket upgrade requests. An attacker can cause the server to proxy requests to arbitrary internal or external destinations, which may expose internal services or cloud metadata endpoints. Vercel-hosted deployments are not affected. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    Impacted products

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44578",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T18:09:06.506507Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-13T18:19:41.524Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Streams for Apache Kafka 2.9.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-13T17:01:38.942Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Next.js. Self-hosted applications utilizing the built-in Node.js server are vulnerable to Server-Side Request Forgery (SSRF) through specially crafted WebSocket upgrade requests. A remote attacker can exploit this by causing the server to proxy requests to arbitrary internal or external destinations. This could lead to the exposure of internal services or sensitive cloud metadata endpoints."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 8.6,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-918",
                    "description": "Server-Side Request Forgery (SSRF)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-03T12:04:46.954Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-44578"
              },
              {
                "name": "RHBZ#2477187",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477187"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44578.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34608"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-13T18:01:13.729Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-13T17:01:38.942Z",
                "value": "Made public."
              }
            ],
            "title": "Next.js: Next.js: Server-Side Request Forgery via crafted WebSocket upgrade requests",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 13.4.13, \u003c 15.5.16"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in Node.js server can be vulnerable to server-side request forgery through crafted WebSocket upgrade requests. An attacker can cause the server to proxy requests to arbitrary internal or external destinations, which may expose internal services or cloud metadata endpoints. Vercel-hosted deployments are not affected. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918: Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:01:38.942Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r"
            }
          ],
          "source": {
            "advisory": "GHSA-c4j6-fc7j-m34r",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Server-side request forgery in applications using WebSocket upgrades"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44578",
        "datePublished": "2026-05-13T17:01:38.942Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-07-03T12:04:46.954Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
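
The SSRF record above (CVE-2026-44578) says the affected server could be made to proxy upgrade requests to arbitrary internal or external destinations. The block below is an added example, not Next.js code and not the upstream fix: a deny-by-default destination guard of the kind a practitioner would place in front of any code path that proxies a WebSocket upgrade. The allowlist, the blocked ranges and the sample URLs are constructed for illustration; the page does not describe how the affected server chose its proxy destination.

```javascript
// Added example, not Next.js code: destination guard for proxied WebSocket upgrades.
// Ranges an internet-facing server should never proxy into: "this host", RFC 1918,
// CGNAT, loopback and link-local (which contains the 169.254.169.254 metadata address).
const BLOCKED_V4 = [
  ['0.0.0.0', 8], ['10.0.0.0', 8], ['100.64.0.0', 10], ['127.0.0.0', 8],
  ['169.254.0.0', 16], ['172.16.0.0', 12], ['192.168.0.0', 16],
];

// Names that commonly resolve to internal targets (constructed list, extend per environment).
const BLOCKED_NAMES = new Set(['localhost', 'metadata.google.internal']);

function ipv4ToInt(ip) {
  const parts = ip.split('.');
  if (parts.length !== 4) return null;
  let n = 0;
  for (const part of parts) {
    if (!/^\d{1,3}$/.test(part) || Number(part) > 255) return null;
    n = n * 256 + Number(part);
  }
  return n;
}

function inCidr(ip, [base, bits]) {
  const a = ipv4ToInt(ip);
  const b = ipv4ToInt(base);
  if (a === null || b === null) return false;
  const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
  return ((a & mask) >>> 0) === ((b & mask) >>> 0);
}

// True only for a well-formed ws(s)/http(s) URL whose host is on the allowlist
// and is neither a blocked name nor a literal address inside a blocked range.
// The WHATWG URL parser normalises numeric hosts (e.g. 2130706433 -> 127.0.0.1)
// and moves "user@" into userinfo, so both tricks land on the real hostname.
function isAllowedUpgradeTarget(rawUrl, allowedHosts) {
  let url;
  try { url = new URL(rawUrl); } catch { return false; }
  if (!['ws:', 'wss:', 'http:', 'https:'].includes(url.protocol)) return false;
  const host = url.hostname.toLowerCase();
  if (BLOCKED_NAMES.has(host)) return false;
  if (host.startsWith('[')) return false; // IPv6 literal: deny unless you add range checks
  if (BLOCKED_V4.some(range => inCidr(host, range))) return false;
  return allowedHosts.includes(host); // everything else is denied unless explicitly allowed
}

// Constructed sample targets run through the guard.
function demo() {
  const allowed = ['chat.example.com'];
  return [
    'wss://chat.example.com/socket',          // true
    'ws://169.254.169.254/latest/meta-data/', // false: metadata address
    'ws://chat.example.com@10.0.0.5/',        // false: userinfo trick, real host is 10.0.0.5
    'http://2130706433/',                     // false: decimal form of 127.0.0.1
    'wss://other.example.net/',               // false: not on the allowlist
  ].map(u => [u, isAllowedUpgradeTarget(u, allowed)]);
}
```

The guard only inspects the literal URL. A hostname that resolves to an internal address at connect time (DNS rebinding) passes it, so the same range check belongs on the resolved address as well, for instance through a custom `lookup` on the HTTP agent, backed by an egress network policy. Red Hat's record above lists no mitigation that meets its criteria; upgrading to 15.5.16 or 16.2.5 remains the fix.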

    CVE-2026-44577 (GCVE-0-2026-44577)

    Vulnerability from nvd – Published: 2026-05-13 17:00 – Updated: 2026-07-03 12:04
    VLAI
    Title
    Next.js: Denial of Service in the Image Optimization API
    Summary
    Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could cause out-of-memory conditions by requesting large local assets from the /_next/image endpoint that match the images.localPatterns configuration (by default, all patterns are allowed). This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    Assigner
    Impacted products

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44577",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-14T18:33:40.553243Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-14T18:33:46.473Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Streams for Apache Kafka 2.9.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-13T17:00:02.786Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Next.js. When self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. A remote attacker could exploit this by requesting large local assets from the /_next/image endpoint. This can lead to out-of-memory conditions, resulting in a Denial of Service (DoS) for the application."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-770",
                    "description": "Allocation of Resources Without Limits or Throttling",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-03T12:04:47.244Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-44577"
              },
              {
                "name": "RHBZ#2477194",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477194"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44577.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34608"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-13T18:01:35.713Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-13T17:00:02.786Z",
                "value": "Made public."
              }
            ],
            "title": "Next.js: Next.js: Denial of Service via Image Optimization API",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 10.0.0, \u003c 15.5.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could cause out-of-memory conditions by requesting large local assets from the /_next/image endpoint that match the images.localPatterns configuration (by default, all patterns are allowed). This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:00:02.786Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh"
            }
          ],
          "source": {
            "advisory": "GHSA-h64f-5h5j-jqjh",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Denial of Service in the Image Optimization API"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44577",
        "datePublished": "2026-05-13T17:00:02.786Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-07-03T12:04:47.244Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
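
The CVE-2026-44577 record above describes a CWE-770 shape: the Image Optimization API reads a local asset fully into memory once the `/_next/image` request's `url` matches `images.localPatterns`, which by default allows everything. The block below is an added example, not Next.js code and not the upstream fix: a toy handler for that request shape with the unbounded read beside a bounded one. The asset store, the glob semantics for `localPatterns`, and the 2 MiB cap are constructed for illustration.

```javascript
// Added example, not Next.js code: bounded vs unbounded local image reads.
// Constructed local asset store: pathname -> size in bytes.
const ASSETS = new Map([
  ['/assets/images/logo.png', 24 * 1024],
  ['/assets/images/hero.jpg', 900 * 1024],
  ['/downloads/archive.bin', 4 * 1024 * 1024 * 1024], // 4 GiB, not an image at all
]);

const MAX_IMAGE_BYTES = 2 * 1024 * 1024; // assumed cap, not a value from the advisory

// Minimal glob -> RegExp: '**' matches across path segments, '*' within one.
function globToRegExp(glob) {
  const escaped = glob.replace(/[.+?^${}()|[\]\\]/g, '\\$&');
  const body = escaped.replace(/\*\*/g, '\u0000').replace(/\*/g, '[^/]*').replace(/\u0000/g, '.*');
  return new RegExp('^' + body + '$');
}

// Mirrors the default the advisory describes: no localPatterns means every local path is allowed.
function isAllowedLocal(pathname, localPatterns) {
  if (!Array.isArray(localPatterns)) return true;
  return localPatterns.some(p => globToRegExp(p.pathname).test(pathname));
}

// Extracts the root-relative target from /_next/image?url=...; anything else is rejected.
function parseImageRequest(requestUrl) {
  const { pathname, searchParams } = new URL(requestUrl, 'http://self-hosted.invalid');
  if (pathname !== '/_next/image') return null;
  const target = searchParams.get('url');
  if (!target || !target.startsWith('/') || target.startsWith('//')) return null;
  return target;
}

// Vulnerable shape: once the pattern allows the path, the whole file is buffered.
function serveImageUnbounded(requestUrl, config = {}) {
  const target = parseImageRequest(requestUrl);
  if (target === null) return { status: 400 };
  if (!isAllowedLocal(target, config.localPatterns)) return { status: 400 };
  const size = ASSETS.get(target);
  if (size === undefined) return { status: 404 };
  return { status: 200, buffered: size };
}

// Hardened shape: the size is checked before any buffer is allocated.
function serveImageBounded(requestUrl, config = {}, maxBytes = MAX_IMAGE_BYTES) {
  const target = parseImageRequest(requestUrl);
  if (target === null) return { status: 400 };
  if (!isAllowedLocal(target, config.localPatterns)) return { status: 400 };
  const size = ASSETS.get(target);
  if (size === undefined) return { status: 404 };
  if (size > maxBytes) return { status: 413 };
  return { status: 200, buffered: size };
}

// A localPatterns value that only admits the directory that actually holds images.
const STRICT_CONFIG = { localPatterns: [{ pathname: '/assets/images/**' }] };
```

Restricting `images.localPatterns` to the directories that really hold images is the configuration-level step the advisory text points at, and it stops the 4 GiB download in this example. It does not bound an oversized file inside an allowed directory, so it is defense in depth beside the upgrade, not a replacement for it.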

    CVE-2026-44576 (GCVE-0-2026-44576)

    Vulnerability from nvd – Published: 2026-05-13 16:57 – Updated: 2026-05-18 13:45
    VLAI
    Title
    Next.js: Cache poisoning in React Server Component responses
    Summary
    Next.js is a React framework for building full-stack web applications. From 14.2.0 to before 15.5.16 and 16.2.5, applications using React Server Components can be vulnerable to cache poisoning when shared caches do not correctly partition response variants. Under affected conditions, an attacker can cause an RSC response to be served from the original URL and poison shared cache entries so later visitors receive component payloads instead of the expected HTML. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-436 - Interpretation Conflict
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel next.js Affected: >= 14.2.0, < 15.5.16
    Affected: >= 16.0.0, < 16.2.5

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44576",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-18T13:45:23.886970Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-18T13:45:59.133Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 14.2.0, \u003c 15.5.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 14.2.0 to before 15.5.16 and 16.2.5, applications using React Server Components can be vulnerable to cache poisoning when shared caches do not correctly partition response variants. Under affected conditions, an attacker can cause an RSC response to be served from the original URL and poison shared cache entries so later visitors receive component payloads instead of the expected HTML. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-436",
                  "description": "CWE-436: Interpretation Conflict",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T16:57:43.016Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-wfc6-r584-vfw7"
            }
          ],
          "source": {
            "advisory": "GHSA-wfc6-r584-vfw7",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Cache poisoning in React Server Component responses"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44576",
        "datePublished": "2026-05-13T16:57:10.923Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-05-18T13:45:59.133Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
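
The CVE-2026-44576 record above turns on shared caches that "do not correctly partition response variants": the same URL can answer with HTML or with an RSC payload, and a cache that keys on the URL alone will hand one visitor's variant to the next. The block below is an added example, not Next.js code: a toy shared cache in front of a stand-in origin, run once ignoring `Vary` and once honouring it. The origin distinguishes the variants by an `RSC: 1` request header, which is the header Next.js uses for this; that is an assumption here, since the page does not name it, and the payload strings are constructed.

```javascript
// Added example, not Next.js code: variant partitioning in a shared cache.
// Stand-in origin: an RSC payload for requests carrying RSC: 1, HTML otherwise,
// with Vary: RSC so a conforming cache can tell the two apart.
function originFetch(url, reqHeaders) {
  const isRsc = reqHeaders['rsc'] === '1';
  return {
    status: 200,
    headers: {
      'content-type': isRsc ? 'text/x-component' : 'text/html; charset=utf-8',
      vary: 'RSC',
    },
    body: isRsc
      ? '0:["$","div",null,{"children":"account"}]'          // constructed RSC payload
      : '<!doctype html><html><body>account</body></html>',   // constructed HTML
  };
}

// Cache keyed by URL. With honorVary set, a stored entry is reused only when
// every header the origin listed in Vary has the same value on the new request
// (the selection rule of RFC 9111 section 4.1). Without it, every request to a
// URL is treated as the same variant.
class SharedCache {
  constructor({ honorVary }) {
    this.honorVary = honorVary;
    this.entries = new Map(); // url -> [{ vary, reqHeaders, response }]
    this.hits = 0;
  }

  fetch(url, reqHeaders = {}) {
    const variants = this.entries.get(url) ?? [];
    const hit = variants.find(v =>
      v.vary.every(h => (reqHeaders[h] ?? '') === (v.reqHeaders[h] ?? '')));
    if (hit) { this.hits += 1; return hit.response; }

    const response = originFetch(url, reqHeaders);
    const vary = this.honorVary
      ? (response.headers.vary ?? '').split(',').map(h => h.trim().toLowerCase()).filter(Boolean)
      : [];
    variants.push({ vary, reqHeaders: { ...reqHeaders }, response });
    this.entries.set(url, variants);
    return response;
  }
}

// The scenario from the advisory: one request primes /account with the RSC
// variant, then a later visitor navigates to /account normally.
function victimContentType(honorVary) {
  const cache = new SharedCache({ honorVary });
  cache.fetch('/account', { rsc: '1' });
  return cache.fetch('/account', {}).headers['content-type'];
}
```

`victimContentType(false)` returns the component payload's content type, which is the poisoned outcome the advisory describes; `victimContentType(true)` returns HTML because the cache stored the two responses as separate variants. The page does not say which header or query component the affected versions failed to partition on, so the practical check is to confirm how the CDN or reverse proxy in front of a self-hosted deployment handles `Vary` and query strings in its cache key, rather than to rely on this toy.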

    CVE-2026-44575 (GCVE-0-2026-44575)

    Vulnerability from nvd – Published: 2026-05-13 16:54 – Updated: 2026-07-03 12:04
    VLAI
    Title
    Next.js: Middleware / Proxy bypass in App Router applications via segment-prefetch routes
    Summary
    Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.16 and 16.2.5, App Router applications that rely on middleware or proxy-based checks for authorization can allow unauthorized access through transport-specific route variants used for segment prefetching. In affected configurations, specially crafted .rsc and segment-prefetch URLs can resolve to the same page without being matched by the intended middleware rule, which can allow protected content to be reached without the expected authorization check. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    • CWE-551 - Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
    Assigner
    Impacted products
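
The CVE-2026-44575 summary above is a CWE-551 ordering problem: the middleware rule is matched against the raw request path, and `.rsc` and segment-prefetch variants of a protected page resolve to that page without ever being matched. The block below is an added example, not Next.js code and not the upstream fix: a path-to-regexp style matcher of the kind a middleware `matcher` config uses, applied once naively and once after canonicalizing the path. The `.rsc` suffix is from the advisory; the `.segments/…segment.rsc` shape used for the segment-prefetch variant is an assumption about the transport and may not match a given release, and the matcher semantics are approximated.

```javascript
// Added example, not Next.js code: authorization after canonicalization.
// Approximates a middleware matcher such as '/admin/:path*' as a RegExp
// (assumption: it matches '/admin' and '/admin/<anything>', nothing else).
function compileMatcher(pattern) {
  const m = pattern.match(/^(.*?)\/:[A-Za-z_]+\*$/);
  if (!m) throw new Error('only "<prefix>/:param*" patterns are supported in this example');
  const prefix = m[1].replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
  return new RegExp('^' + prefix + '(?:/.*)?$');
}

const PROTECTED = compileMatcher('/admin/:path*');

// The way a matcher-based middleware applies its check: paths the matcher does
// not catch are never looked at, which is the bypass the advisory describes.
function authorizeNaive(pathname, session) {
  if (!PROTECTED.test(pathname)) return 'pass-through';
  return session?.role === 'admin' ? 'allow' : 'deny';
}

// Strip transport-specific suffixes so the check sees the page the request
// actually resolves to. Shapes here are assumptions, see the lead-in.
function canonicalizePath(pathname) {
  let p = pathname;
  p = p.replace(/\.segments\/.*\.segment\.rsc$/, ''); // assumed segment-prefetch shape
  p = p.replace(/\.rsc$/, '');                          // .rsc variant named in the advisory
  p = p.replace(/\/+$/, '') || '/';                     // trailing slashes
  return p;
}

function authorizeCanonical(pathname, session) {
  return authorizeNaive(canonicalizePath(pathname), session);
}

// Constructed request paths compared under both orderings.
function compare(paths, session) {
  return paths.map(p => ({ path: p, naive: authorizeNaive(p, session), canonical: authorizeCanonical(p, session) }));
}
```

For an anonymous request `compare(['/admin', '/admin.rsc', '/admin.segments/_tree.segment.rsc'], null)` shows the two variants passing straight through the naive check and being denied after canonicalization. Canonicalizing in middleware has to track the framework's own routing exactly, which is why the advisory ties the bypass to applications that rely on middleware or proxy checks alone; the durable fix is the upgrade to 15.5.16 or 16.2.5 together with an authorization check in the page or route handler itself.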

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44575",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T17:48:53.731472Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-13T17:50:24.865Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Streams for Apache Kafka 2.9.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-13T16:54:39.455Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Next.js. App Router applications that use middleware or proxy-based authorization checks are vulnerable to unauthorized access. A remote attacker can exploit this by crafting specific .rsc and segment-prefetch URLs, which bypass the intended middleware rules. This allows access to protected content without proper authorization."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-551",
                    "description": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-03T12:04:47.529Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-44575"
              },
              {
                "name": "RHBZ#2477188",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477188"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44575.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34608"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-13T18:01:17.168Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-13T16:54:39.455Z",
                "value": "Made public."
              }
            ],
            "title": "next.js: Next.js: Unauthorized access to protected content via middleware bypass",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 15.2.0, \u003c 15.5.16"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.16 and 16.2.5, App Router applications that rely on middleware or proxy-based checks for authorization can allow unauthorized access through transport-specific route variants used for segment prefetching. In affected configurations, specially crafted .rsc and segment-prefetch URLs can resolve to the same page without being matched by the intended middleware rule, which can allow protected content to be reached without the expected authorization check. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T16:54:39.455Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f"
            }
          ],
          "source": {
            "advisory": "GHSA-267c-6grr-h53f",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Middleware / Proxy bypass in App Router applications via segment-prefetch routes"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44575",
        "datePublished": "2026-05-13T16:54:39.455Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-07-03T12:04:47.529Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44574 (GCVE-0-2026-44574)

    Vulnerability from nvd – Published: 2026-05-13 16:56 – Updated: 2026-07-03 12:04
    Title
    Next.js: Middleware / Proxy bypass through dynamic route parameter injection
    Summary
    Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect dynamic routes can be vulnerable to authorization bypass. In affected deployments, specially crafted query parameters can alter the dynamic route value seen by the page while leaving the visible path unchanged, which can allow protected content to be rendered without passing the expected middleware check. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    • CWE-551 - Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44574",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-14T03:56:41.192368Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-14T10:30:11.611Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Streams for Apache Kafka 2.9.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-13T16:56:06.008Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Next.js. This vulnerability allows an attacker to bypass security checks in web applications that use Next.js middleware to protect specific web pages. By sending specially crafted web addresses, an attacker can access protected content without proper authorization. This could lead to unauthorized viewing of sensitive information or access to restricted features."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 8.1,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-551",
                    "description": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-03T12:04:47.819Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-44574"
              },
              {
                "name": "RHBZ#2477207",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477207"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44574.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34608"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-13T18:02:21.088Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-13T16:56:06.008Z",
                "value": "Made public."
              }
            ],
            "title": "Next.js: Next.js: Authorization bypass via crafted query parameters",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 15.4.0, \u003c 15.5.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect dynamic routes can be vulnerable to authorization bypass. In affected deployments, specially crafted query parameters can alter the dynamic route value seen by the page while leaving the visible path unchanged, which can allow protected content to be rendered without passing the expected middleware check. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T16:56:06.008Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv"
            }
          ],
          "source": {
            "advisory": "GHSA-492v-c6pp-mqqv",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Middleware / Proxy bypass through dynamic route parameter injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44574",
        "datePublished": "2026-05-13T16:56:06.008Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-07-03T12:04:47.819Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44573 (GCVE-0-2026-44573)

    Vulnerability from nvd – Published: 2026-05-13 16:48 – Updated: 2026-07-03 12:04
    Title
    Next.js: Middleware / Proxy bypass in Pages Router applications using i18n
    Summary
    Next.js is a React framework for building full-stack web applications. From 12.2.0 to before 15.5.16 and 16.2.5, applications using the Pages Router with i18n configured and middleware/proxy-based authorization can allow unauthorized access to protected page data through locale-less /_next/data/<buildId>/<page>.json requests. In affected configurations, middleware does not run for the unprefixed data route, allowing an attacker to retrieve SSR JSON for protected pages without passing the intended authorization checks. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-863 - Incorrect Authorization
    • CWE-551 - Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
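    The three Next.js records on this page (CVE-2026-44575, CVE-2026-44574 and CVE-2026-44573) share one shape: the middleware matcher sees the canonical page path, but the framework also serves the same page through a transport-specific alias (a .rsc or segment-prefetch URL, a dynamic-route value carried in the query string, or a locale-less /_next/data/<buildId>/<page>.json route) that the matcher never sees. Before upgrading to 15.5.16 / 16.2.5, a defender wants to know whether any of those aliases were requested against protected pages. The scanner below is an added example of my own, not code from Next.js, Vercel, GitHub or Red Hat. The locale list, protected prefixes, dynamic route patterns and every log line are constructed for the example, and the three matching rules are heuristics derived from the record text: the records name ".rsc and segment-prefetch URLs" without giving the exact segment-prefetch shape, so the rule assumes both end in ".rsc"; and the query-parameter rule assumes the injected parameter is named after the route's dynamic segment, which the record does not state.

```javascript
// Added example: hunt access logs for the alternate-transport request shapes
// described in CVE-2026-44573 / CVE-2026-44574 / CVE-2026-44575.
// All configuration and log lines below are constructed, not real traffic.
const SITE = {
  locales: ['en', 'de'],                                     // assumed i18n config
  protectedPrefixes: ['/admin', '/account'],                 // assumed middleware-protected paths
  dynamicRoutes: ['/account/[id]', '/admin/reports/[slug]'], // assumed protected dynamic pages
};

// Constructed combined-format log lines.
const SAMPLE_LOG = [
  '203.0.113.5 - - [13/May/2026:17:00:01 +0000] "GET /admin/users HTTP/1.1" 302 0',
  '203.0.113.5 - - [13/May/2026:17:00:02 +0000] "GET /_next/data/abc123/admin/users.json HTTP/1.1" 200 8214',
  '203.0.113.5 - - [13/May/2026:17:00:03 +0000] "GET /_next/data/abc123/en/admin/users.json HTTP/1.1" 302 0',
  '203.0.113.5 - - [13/May/2026:17:00:04 +0000] "GET /admin/users.rsc HTTP/1.1" 200 5120',
  '203.0.113.5 - - [13/May/2026:17:00:05 +0000] "GET /account/me?id=42 HTTP/1.1" 200 3301',
  '203.0.113.5 - - [13/May/2026:17:00:06 +0000] "GET /account/me?tab=billing HTTP/1.1" 200 3301',
  '198.51.100.9 - - [13/May/2026:17:00:07 +0000] "GET /blog/hello.rsc HTTP/1.1" 200 1200',
];

const LINE_RE = /^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})/;
const DATA_ROUTE_RE = /^\/_next\/data\/[^/]+\/(.+)\.json$/;

// ip - - [ts] "METHOD target HTTP/x" status ...  ->  structured request, or null
function parseLine(line) {
  const m = LINE_RE.exec(line);
  if (!m) return null;
  const url = new URL(m[4], 'http://log.invalid'); // base is only there so a path parses
  return { ip: m[1], ts: m[2], method: m[3], path: url.pathname, query: url.searchParams, status: Number(m[5]) };
}

function isProtected(path, site) {
  return site.protectedPrefixes.some(p => path === p || path.startsWith(p + '/'));
}

// '/en/admin/users' -> { path: '/admin/users', hadLocale: true }
function stripLocale(path, site) {
  const first = path.split('/')[1];
  if (!site.locales.includes(first)) return { path, hadLocale: false };
  return { path: path.slice(first.length + 1) || '/', hadLocale: true };
}

// '/account/[id]' -> { re: /^\/account\/[^/]+$/, params: ['id'] }
function compileRoute(pattern) {
  const params = [];
  const src = pattern.split('/').map(seg => {
    const m = /^\[(.+)\]$/.exec(seg);
    if (m) { params.push(m[1]); return '[^/]+'; }
    return seg.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
  }).join('/');
  return { re: new RegExp('^' + src + '$'), params };
}

// Returns the CVE ids whose request shape this one request matches.
function classify(req, site) {
  const hits = [];
  // CVE-2026-44573: Pages Router + i18n data route requested without a locale prefix.
  const d = DATA_ROUTE_RE.exec(req.path);
  if (d) {
    const { path: page, hadLocale } = stripLocale('/' + d[1], site);
    if (!hadLocale && isProtected(page, site)) hits.push('CVE-2026-44573');
  }
  // CVE-2026-44575: .rsc / segment-prefetch variant of a protected page
  // (assumption: segment-prefetch URLs also carry the .rsc suffix).
  if (req.path.endsWith('.rsc') && isProtected(req.path.slice(0, -4), site)) hits.push('CVE-2026-44575');
  // CVE-2026-44574: query parameter named like the dynamic segment of the matched route
  // (assumption: the injected parameter reuses the segment name).
  for (const route of site.compiled) {
    if (route.re.test(req.path) && route.params.some(p => req.query.has(p))) { hits.push('CVE-2026-44574'); break; }
  }
  return hits;
}

function scanLog(lines, site = SITE) {
  const compiled = { ...site, compiled: site.dynamicRoutes.map(compileRoute) };
  const findings = [];
  for (const line of lines) {
    const req = parseLine(line);
    if (!req) continue; // unparseable line: skip rather than guess
    for (const cve of classify(req, compiled)) {
      findings.push({ cve, ip: req.ip, ts: req.ts, path: req.path, status: req.status });
    }
  }
  return findings;
}

console.log(scanLog(SAMPLE_LOG));
```

    On the constructed sample this flags three requests: the locale-less data route, the .rsc variant of /admin/users, and /account/me?id=42. A flagged request that was answered 200 is the one to investigate; a 302 or 401 on the same shape shows the check still held. Run it over logs from before the upgrade to 15.5.16 / 16.2.5, and treat the rules as a starting point rather than a signature.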

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44573",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T18:10:30.422168Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-13T18:19:49.658Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Streams for Apache Kafka 2.9.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-13T16:48:16.218Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Next.js. Applications utilizing the Pages Router with internationalization (i18n) configured and middleware or proxy-based authorization are susceptible to unauthorized access. A remote attacker can exploit this by making locale-less /_next/data/\u003cbuildId\u003e/\u003cpage\u003e.json requests, which bypass the intended authorization checks. This allows the attacker to retrieve sensitive server-side rendered (SSR) JSON data from protected pages, leading to information disclosure."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-551",
                    "description": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-03T12:04:48.156Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-44573"
              },
              {
                "name": "RHBZ#2477199",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477199"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44573.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34608"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-13T18:01:50.343Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-13T16:48:16.218Z",
                "value": "Made public."
              }
            ],
            "title": "next.js: Next.js: Information disclosure due to middleware bypass in Pages Router with i18n",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 12.2.0, \u003c 15.5.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 12.2.0 to before 15.5.16 and 16.2.5, Applications using the Pages Router with i18n configured and middleware/proxy-based authorization can allow unauthorized access to protected page data through locale-less /_next/data/\u003cbuildId\u003e/\u003cpage\u003e.json requests. In affected configurations, middleware does not run for the unprefixed data route, allowing an attacker to retrieve SSR JSON for protected pages without passing the intended authorization checks. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863: Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T16:48:16.218Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5"
            }
          ],
          "source": {
            "advisory": "GHSA-36qx-fr4f-26g5",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Middleware / Proxy bypass in Pages Router applications using i18n"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44573",
        "datePublished": "2026-05-13T16:48:16.218Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-07-03T12:04:48.156Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8769 (GCVE-0-2026-8769)

    Vulnerability from cvelistv5 – Published: 2026-05-17 23:00 – Updated: 2026-05-18 20:13
    Title
    vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption
    Summary
    A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    References
    URL Tags
    https://vuldb.com/vuln/364394 vdb-entry, technical-description
    https://vuldb.com/vuln/364394/cti signature, permissions-required
    https://vuldb.com/submit/811406 third-party-advisory
    https://gist.github.com/YLChen-007/fb1096bc8428be… exploit
    Impacted products
    Vendor Product Version
    vercel ai Affected: 3.0.0
    Affected: 3.0.1
    Affected: 3.0.2
    Affected: 3.0.3
    Affected: 3.0.4
    Affected: 3.0.5
    Affected: 3.0.6
    Affected: 3.0.7
    Affected: 3.0.8
    Affected: 3.0.9
    Affected: 3.0.10
    Affected: 3.0.11
    Affected: 3.0.12
    Affected: 3.0.13
    Affected: 3.0.14
    Affected: 3.0.15
    Affected: 3.0.16
    Affected: 3.0.17
    Affected: 3.0.18
    Affected: 3.0.19
    Affected: 3.0.20
    Affected: 3.0.21
    Affected: 3.0.22
    Affected: 3.0.23
    Affected: 3.0.24
    Affected: 3.0.25
    Affected: 3.0.26
    Affected: 3.0.27
    Affected: 3.0.28
    Affected: 3.0.29
    Affected: 3.0.30
    Affected: 3.0.31
    Affected: 3.0.32
    Affected: 3.0.33
    Affected: 3.0.34
    Affected: 3.0.35
    Affected: 3.0.36
    Affected: 3.0.37
    Affected: 3.0.38
    Affected: 3.0.39
    Affected: 3.0.40
    Affected: 3.0.41
    Affected: 3.0.42
    Affected: 3.0.43
    Affected: 3.0.44
    Affected: 3.0.45
    Affected: 3.0.46
    Affected: 3.0.47
    Affected: 3.0.48
    Affected: 3.0.49
    Affected: 3.0.50
    Affected: 3.0.51
    Affected: 3.0.52
    Affected: 3.0.53
    Affected: 3.0.54
    Affected: 3.0.55
    Affected: 3.0.56
    Affected: 3.0.57
    Affected: 3.0.58
    Affected: 3.0.59
    Affected: 3.0.60
    Affected: 3.0.61
    Affected: 3.0.62
    Affected: 3.0.63
    Affected: 3.0.64
    Affected: 3.0.65
    Affected: 3.0.66
    Affected: 3.0.67
    Affected: 3.0.68
    Affected: 3.0.69
    Affected: 3.0.70
    Affected: 3.0.71
    Affected: 3.0.72
    Affected: 3.0.73
    Affected: 3.0.74
    Affected: 3.0.75
    Affected: 3.0.76
    Affected: 3.0.77
    Affected: 3.0.78
    Affected: 3.0.79
    Affected: 3.0.80
    Affected: 3.0.81
    Affected: 3.0.82
    Affected: 3.0.83
    Affected: 3.0.84
    Affected: 3.0.85
    Affected: 3.0.86
    Affected: 3.0.87
    Affected: 3.0.88
    Affected: 3.0.89
    Affected: 3.0.90
    Affected: 3.0.91
    Affected: 3.0.92
    Affected: 3.0.93
    Affected: 3.0.94
    Affected: 3.0.95
    Affected: 3.0.96
    Affected: 3.0.97
        cpe:2.3:a:vercel:ai:*:*:*:*:*:*:*:*
    Credits
    Eric-f (VulDB User) VulDB CNA Team
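    The four records on this page give their affected ranges in two different styles: the three Next.js CNA entries as half-open ranges (">= 15.2.0, < 15.5.16"), and the VulDB entry for ai as an explicit list from 3.0.0 through 3.0.97 with no fixed version named. The checker below is an added example of my own, not code from VulDB, GitHub, Red Hat or Vercel; it encodes exactly those ranges and nothing more. The version comparison is a deliberately simplified semver precedence (numeric major.minor.patch, with any prerelease sorting below its release), which is an assumption of the example rather than anything the records say about prerelease builds.

```javascript
// Added example: check an installed package version against the affected
// ranges published in the CVE records on this page.
// "before" is exclusive (the fixed version); "through" is inclusive (the last
// listed version, used where the record names no fix).
const ADVISORIES = [
  { cve: 'CVE-2026-44575', pkg: 'next', ranges: [{ from: '15.2.0', before: '15.5.16' }, { from: '16.0.0', before: '16.2.5' }] },
  { cve: 'CVE-2026-44574', pkg: 'next', ranges: [{ from: '15.4.0', before: '15.5.16' }, { from: '16.0.0', before: '16.2.5' }] },
  { cve: 'CVE-2026-44573', pkg: 'next', ranges: [{ from: '12.2.0', before: '15.5.16' }, { from: '16.0.0', before: '16.2.5' }] },
  { cve: 'CVE-2026-8769',  pkg: 'ai',   ranges: [{ from: '3.0.0', through: '3.0.97' }] },
];

// "v1.2.3-canary.4+build" -> { nums: [1, 2, 3], pre: 'canary.4' }
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+.*)?$/.exec(v.trim());
  if (!m) throw new Error(`not a semver version: ${v}`);
  return { nums: [Number(m[1]), Number(m[2]), Number(m[3])], pre: m[4] ?? null };
}

// Simplified semver precedence (assumption of this example): compare
// major.minor.patch numerically; a prerelease sorts below the release it
// precedes; two prereleases of the same release compare as plain strings.
function compareVersions(a, b) {
  const x = parseVersion(a), y = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (x.nums[i] !== y.nums[i]) return x.nums[i] < y.nums[i] ? -1 : 1;
  }
  if (x.pre === y.pre) return 0;
  if (x.pre === null) return 1;
  if (y.pre === null) return -1;
  return x.pre < y.pre ? -1 : 1;
}

function inRange(version, r) {
  if (compareVersions(version, r.from) < 0) return false;
  return r.before ? compareVersions(version, r.before) < 0
                  : compareVersions(version, r.through) <= 0;
}

// CVE ids from this page whose affected ranges contain pkg@version.
function affectedAdvisories(pkg, version) {
  return ADVISORIES
    .filter(a => a.pkg === pkg && a.ranges.some(r => inRange(version, r)))
    .map(a => a.cve);
}

// Convenience: pass the text of node_modules/<pkg>/package.json, which holds
// the resolved version rather than the range from your own package.json.
function affectedFromPackageJson(pkg, packageJsonText) {
  return affectedAdvisories(pkg, JSON.parse(packageJsonText).version);
}

// Usage: node check.js next 15.5.15
if (typeof process !== 'undefined' && process.argv.length >= 4) {
  const [pkg, version] = process.argv.slice(2);
  const hits = affectedAdvisories(pkg, version);
  console.log(hits.length ? `${pkg}@${version} is in the affected range of ${hits.join(', ')}`
                          : `${pkg}@${version}: no match on this page`);
}
```

    Feed it the resolved version from the lockfile or from node_modules/next/package.json, not the caret range in your own package.json. For ai the check only says whether a version falls inside the listed 3.0.0 through 3.0.97 window; the record names no fixed release, so a later version is "not listed", not "known fixed".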

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8769",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-18T20:12:31.099819Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-18T20:13:40.558Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:vercel:ai:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "provider-utils"
              ],
              "product": "ai",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.2"
                },
                {
                  "status": "affected",
                  "version": "3.0.3"
                },
                {
                  "status": "affected",
                  "version": "3.0.4"
                },
                {
                  "status": "affected",
                  "version": "3.0.5"
                },
                {
                  "status": "affected",
                  "version": "3.0.6"
                },
                {
                  "status": "affected",
                  "version": "3.0.7"
                },
                {
                  "status": "affected",
                  "version": "3.0.8"
                },
                {
                  "status": "affected",
                  "version": "3.0.9"
                },
                {
                  "status": "affected",
                  "version": "3.0.10"
                },
                {
                  "status": "affected",
                  "version": "3.0.11"
                },
                {
                  "status": "affected",
                  "version": "3.0.12"
                },
                {
                  "status": "affected",
                  "version": "3.0.13"
                },
                {
                  "status": "affected",
                  "version": "3.0.14"
                },
                {
                  "status": "affected",
                  "version": "3.0.15"
                },
                {
                  "status": "affected",
                  "version": "3.0.16"
                },
                {
                  "status": "affected",
                  "version": "3.0.17"
                },
                {
                  "status": "affected",
                  "version": "3.0.18"
                },
                {
                  "status": "affected",
                  "version": "3.0.19"
                },
                {
                  "status": "affected",
                  "version": "3.0.20"
                },
                {
                  "status": "affected",
                  "version": "3.0.21"
                },
                {
                  "status": "affected",
                  "version": "3.0.22"
                },
                {
                  "status": "affected",
                  "version": "3.0.23"
                },
                {
                  "status": "affected",
                  "version": "3.0.24"
                },
                {
                  "status": "affected",
                  "version": "3.0.25"
                },
                {
                  "status": "affected",
                  "version": "3.0.26"
                },
                {
                  "status": "affected",
                  "version": "3.0.27"
                },
                {
                  "status": "affected",
                  "version": "3.0.28"
                },
                {
                  "status": "affected",
                  "version": "3.0.29"
                },
                {
                  "status": "affected",
                  "version": "3.0.30"
                },
                {
                  "status": "affected",
                  "version": "3.0.31"
                },
                {
                  "status": "affected",
                  "version": "3.0.32"
                },
                {
                  "status": "affected",
                  "version": "3.0.33"
                },
                {
                  "status": "affected",
                  "version": "3.0.34"
                },
                {
                  "status": "affected",
                  "version": "3.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.36"
                },
                {
                  "status": "affected",
                  "version": "3.0.37"
                },
                {
                  "status": "affected",
                  "version": "3.0.38"
                },
                {
                  "status": "affected",
                  "version": "3.0.39"
                },
                {
                  "status": "affected",
                  "version": "3.0.40"
                },
                {
                  "status": "affected",
                  "version": "3.0.41"
                },
                {
                  "status": "affected",
                  "version": "3.0.42"
                },
                {
                  "status": "affected",
                  "version": "3.0.43"
                },
                {
                  "status": "affected",
                  "version": "3.0.44"
                },
                {
                  "status": "affected",
                  "version": "3.0.45"
                },
                {
                  "status": "affected",
                  "version": "3.0.46"
                },
                {
                  "status": "affected",
                  "version": "3.0.47"
                },
                {
                  "status": "affected",
                  "version": "3.0.48"
                },
                {
                  "status": "affected",
                  "version": "3.0.49"
                },
                {
                  "status": "affected",
                  "version": "3.0.50"
                },
                {
                  "status": "affected",
                  "version": "3.0.51"
                },
                {
                  "status": "affected",
                  "version": "3.0.52"
                },
                {
                  "status": "affected",
                  "version": "3.0.53"
                },
                {
                  "status": "affected",
                  "version": "3.0.54"
                },
                {
                  "status": "affected",
                  "version": "3.0.55"
                },
                {
                  "status": "affected",
                  "version": "3.0.56"
                },
                {
                  "status": "affected",
                  "version": "3.0.57"
                },
                {
                  "status": "affected",
                  "version": "3.0.58"
                },
                {
                  "status": "affected",
                  "version": "3.0.59"
                },
                {
                  "status": "affected",
                  "version": "3.0.60"
                },
                {
                  "status": "affected",
                  "version": "3.0.61"
                },
                {
                  "status": "affected",
                  "version": "3.0.62"
                },
                {
                  "status": "affected",
                  "version": "3.0.63"
                },
                {
                  "status": "affected",
                  "version": "3.0.64"
                },
                {
                  "status": "affected",
                  "version": "3.0.65"
                },
                {
                  "status": "affected",
                  "version": "3.0.66"
                },
                {
                  "status": "affected",
                  "version": "3.0.67"
                },
                {
                  "status": "affected",
                  "version": "3.0.68"
                },
                {
                  "status": "affected",
                  "version": "3.0.69"
                },
                {
                  "status": "affected",
                  "version": "3.0.70"
                },
                {
                  "status": "affected",
                  "version": "3.0.71"
                },
                {
                  "status": "affected",
                  "version": "3.0.72"
                },
                {
                  "status": "affected",
                  "version": "3.0.73"
                },
                {
                  "status": "affected",
                  "version": "3.0.74"
                },
                {
                  "status": "affected",
                  "version": "3.0.75"
                },
                {
                  "status": "affected",
                  "version": "3.0.76"
                },
                {
                  "status": "affected",
                  "version": "3.0.77"
                },
                {
                  "status": "affected",
                  "version": "3.0.78"
                },
                {
                  "status": "affected",
                  "version": "3.0.79"
                },
                {
                  "status": "affected",
                  "version": "3.0.80"
                },
                {
                  "status": "affected",
                  "version": "3.0.81"
                },
                {
                  "status": "affected",
                  "version": "3.0.82"
                },
                {
                  "status": "affected",
                  "version": "3.0.83"
                },
                {
                  "status": "affected",
                  "version": "3.0.84"
                },
                {
                  "status": "affected",
                  "version": "3.0.85"
                },
                {
                  "status": "affected",
                  "version": "3.0.86"
                },
                {
                  "status": "affected",
                  "version": "3.0.87"
                },
                {
                  "status": "affected",
                  "version": "3.0.88"
                },
                {
                  "status": "affected",
                  "version": "3.0.89"
                },
                {
                  "status": "affected",
                  "version": "3.0.90"
                },
                {
                  "status": "affected",
                  "version": "3.0.91"
                },
                {
                  "status": "affected",
                  "version": "3.0.92"
                },
                {
                  "status": "affected",
                  "version": "3.0.93"
                },
                {
                  "status": "affected",
                  "version": "3.0.94"
                },
                {
                  "status": "affected",
                  "version": "3.0.95"
                },
                {
                  "status": "affected",
                  "version": "3.0.96"
                },
                {
                  "status": "affected",
                  "version": "3.0.97"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Eric-f (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4,
                "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-404",
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-17T23:00:13.988Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-364394 | vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/364394"
            },
            {
              "name": "VDB-364394 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/364394/cti"
            },
            {
              "name": "Submit #811406 | vercel ai @ai-sdk/amazon-bedrock@3.0.97 Uncontrolled Resource Consumption (CWE-400)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/811406"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gist.github.com/YLChen-007/fb1096bc8428bed9a428f764d9d103bb"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-05-17T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-05-17T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-05-17T11:33:28.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-8769",
        "datePublished": "2026-05-17T23:00:13.988Z",
        "dateReserved": "2026-05-17T09:28:09.002Z",
        "dateUpdated": "2026-05-18T20:13:40.558Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8768 (GCVE-0-2026-8768)

    Vulnerability from cvelistv5 – Published: 2026-05-17 22:45 – Updated: 2026-05-18 10:41
    VLAI
    Title
    vercel ai provider-utils download-blob.ts validateDownloadUrl server-side request forgery
    Summary
    A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the component provider-utils. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel ai Affected: 3.0.0
    Affected: 3.0.1
    Affected: 3.0.2
    Affected: 3.0.3
    Affected: 3.0.4
    Affected: 3.0.5
    Affected: 3.0.6
    Affected: 3.0.7
    Affected: 3.0.8
    Affected: 3.0.9
    Affected: 3.0.10
    Affected: 3.0.11
    Affected: 3.0.12
    Affected: 3.0.13
    Affected: 3.0.14
    Affected: 3.0.15
    Affected: 3.0.16
    Affected: 3.0.17
    Affected: 3.0.18
    Affected: 3.0.19
    Affected: 3.0.20
    Affected: 3.0.21
    Affected: 3.0.22
    Affected: 3.0.23
    Affected: 3.0.24
    Affected: 3.0.25
    Affected: 3.0.26
    Affected: 3.0.27
    Affected: 3.0.28
    Affected: 3.0.29
    Affected: 3.0.30
    Affected: 3.0.31
    Affected: 3.0.32
    Affected: 3.0.33
    Affected: 3.0.34
    Affected: 3.0.35
    Affected: 3.0.36
    Affected: 3.0.37
    Affected: 3.0.38
    Affected: 3.0.39
    Affected: 3.0.40
    Affected: 3.0.41
    Affected: 3.0.42
    Affected: 3.0.43
    Affected: 3.0.44
    Affected: 3.0.45
    Affected: 3.0.46
    Affected: 3.0.47
    Affected: 3.0.48
    Affected: 3.0.49
    Affected: 3.0.50
    Affected: 3.0.51
    Affected: 3.0.52
    Affected: 3.0.53
    Affected: 3.0.54
    Affected: 3.0.55
    Affected: 3.0.56
    Affected: 3.0.57
    Affected: 3.0.58
    Affected: 3.0.59
    Affected: 3.0.60
    Affected: 3.0.61
    Affected: 3.0.62
    Affected: 3.0.63
    Affected: 3.0.64
    Affected: 3.0.65
    Affected: 3.0.66
    Affected: 3.0.67
    Affected: 3.0.68
    Affected: 3.0.69
    Affected: 3.0.70
    Affected: 3.0.71
    Affected: 3.0.72
    Affected: 3.0.73
    Affected: 3.0.74
    Affected: 3.0.75
    Affected: 3.0.76
    Affected: 3.0.77
    Affected: 3.0.78
    Affected: 3.0.79
    Affected: 3.0.80
    Affected: 3.0.81
    Affected: 3.0.82
    Affected: 3.0.83
    Affected: 3.0.84
    Affected: 3.0.85
    Affected: 3.0.86
    Affected: 3.0.87
    Affected: 3.0.88
    Affected: 3.0.89
    Affected: 3.0.90
    Affected: 3.0.91
    Affected: 3.0.92
    Affected: 3.0.93
    Affected: 3.0.94
    Affected: 3.0.95
    Affected: 3.0.96
    Affected: 3.0.97
        cpe:2.3:a:vercel:ai:*:*:*:*:*:*:*:*
    Credits
    Eric-f (VulDB User) VulDB CNA Team

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8768",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-18T10:28:23.079110Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-18T10:41:00.465Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:vercel:ai:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "provider-utils"
              ],
              "product": "ai",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.2"
                },
                {
                  "status": "affected",
                  "version": "3.0.3"
                },
                {
                  "status": "affected",
                  "version": "3.0.4"
                },
                {
                  "status": "affected",
                  "version": "3.0.5"
                },
                {
                  "status": "affected",
                  "version": "3.0.6"
                },
                {
                  "status": "affected",
                  "version": "3.0.7"
                },
                {
                  "status": "affected",
                  "version": "3.0.8"
                },
                {
                  "status": "affected",
                  "version": "3.0.9"
                },
                {
                  "status": "affected",
                  "version": "3.0.10"
                },
                {
                  "status": "affected",
                  "version": "3.0.11"
                },
                {
                  "status": "affected",
                  "version": "3.0.12"
                },
                {
                  "status": "affected",
                  "version": "3.0.13"
                },
                {
                  "status": "affected",
                  "version": "3.0.14"
                },
                {
                  "status": "affected",
                  "version": "3.0.15"
                },
                {
                  "status": "affected",
                  "version": "3.0.16"
                },
                {
                  "status": "affected",
                  "version": "3.0.17"
                },
                {
                  "status": "affected",
                  "version": "3.0.18"
                },
                {
                  "status": "affected",
                  "version": "3.0.19"
                },
                {
                  "status": "affected",
                  "version": "3.0.20"
                },
                {
                  "status": "affected",
                  "version": "3.0.21"
                },
                {
                  "status": "affected",
                  "version": "3.0.22"
                },
                {
                  "status": "affected",
                  "version": "3.0.23"
                },
                {
                  "status": "affected",
                  "version": "3.0.24"
                },
                {
                  "status": "affected",
                  "version": "3.0.25"
                },
                {
                  "status": "affected",
                  "version": "3.0.26"
                },
                {
                  "status": "affected",
                  "version": "3.0.27"
                },
                {
                  "status": "affected",
                  "version": "3.0.28"
                },
                {
                  "status": "affected",
                  "version": "3.0.29"
                },
                {
                  "status": "affected",
                  "version": "3.0.30"
                },
                {
                  "status": "affected",
                  "version": "3.0.31"
                },
                {
                  "status": "affected",
                  "version": "3.0.32"
                },
                {
                  "status": "affected",
                  "version": "3.0.33"
                },
                {
                  "status": "affected",
                  "version": "3.0.34"
                },
                {
                  "status": "affected",
                  "version": "3.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.36"
                },
                {
                  "status": "affected",
                  "version": "3.0.37"
                },
                {
                  "status": "affected",
                  "version": "3.0.38"
                },
                {
                  "status": "affected",
                  "version": "3.0.39"
                },
                {
                  "status": "affected",
                  "version": "3.0.40"
                },
                {
                  "status": "affected",
                  "version": "3.0.41"
                },
                {
                  "status": "affected",
                  "version": "3.0.42"
                },
                {
                  "status": "affected",
                  "version": "3.0.43"
                },
                {
                  "status": "affected",
                  "version": "3.0.44"
                },
                {
                  "status": "affected",
                  "version": "3.0.45"
                },
                {
                  "status": "affected",
                  "version": "3.0.46"
                },
                {
                  "status": "affected",
                  "version": "3.0.47"
                },
                {
                  "status": "affected",
                  "version": "3.0.48"
                },
                {
                  "status": "affected",
                  "version": "3.0.49"
                },
                {
                  "status": "affected",
                  "version": "3.0.50"
                },
                {
                  "status": "affected",
                  "version": "3.0.51"
                },
                {
                  "status": "affected",
                  "version": "3.0.52"
                },
                {
                  "status": "affected",
                  "version": "3.0.53"
                },
                {
                  "status": "affected",
                  "version": "3.0.54"
                },
                {
                  "status": "affected",
                  "version": "3.0.55"
                },
                {
                  "status": "affected",
                  "version": "3.0.56"
                },
                {
                  "status": "affected",
                  "version": "3.0.57"
                },
                {
                  "status": "affected",
                  "version": "3.0.58"
                },
                {
                  "status": "affected",
                  "version": "3.0.59"
                },
                {
                  "status": "affected",
                  "version": "3.0.60"
                },
                {
                  "status": "affected",
                  "version": "3.0.61"
                },
                {
                  "status": "affected",
                  "version": "3.0.62"
                },
                {
                  "status": "affected",
                  "version": "3.0.63"
                },
                {
                  "status": "affected",
                  "version": "3.0.64"
                },
                {
                  "status": "affected",
                  "version": "3.0.65"
                },
                {
                  "status": "affected",
                  "version": "3.0.66"
                },
                {
                  "status": "affected",
                  "version": "3.0.67"
                },
                {
                  "status": "affected",
                  "version": "3.0.68"
                },
                {
                  "status": "affected",
                  "version": "3.0.69"
                },
                {
                  "status": "affected",
                  "version": "3.0.70"
                },
                {
                  "status": "affected",
                  "version": "3.0.71"
                },
                {
                  "status": "affected",
                  "version": "3.0.72"
                },
                {
                  "status": "affected",
                  "version": "3.0.73"
                },
                {
                  "status": "affected",
                  "version": "3.0.74"
                },
                {
                  "status": "affected",
                  "version": "3.0.75"
                },
                {
                  "status": "affected",
                  "version": "3.0.76"
                },
                {
                  "status": "affected",
                  "version": "3.0.77"
                },
                {
                  "status": "affected",
                  "version": "3.0.78"
                },
                {
                  "status": "affected",
                  "version": "3.0.79"
                },
                {
                  "status": "affected",
                  "version": "3.0.80"
                },
                {
                  "status": "affected",
                  "version": "3.0.81"
                },
                {
                  "status": "affected",
                  "version": "3.0.82"
                },
                {
                  "status": "affected",
                  "version": "3.0.83"
                },
                {
                  "status": "affected",
                  "version": "3.0.84"
                },
                {
                  "status": "affected",
                  "version": "3.0.85"
                },
                {
                  "status": "affected",
                  "version": "3.0.86"
                },
                {
                  "status": "affected",
                  "version": "3.0.87"
                },
                {
                  "status": "affected",
                  "version": "3.0.88"
                },
                {
                  "status": "affected",
                  "version": "3.0.89"
                },
                {
                  "status": "affected",
                  "version": "3.0.90"
                },
                {
                  "status": "affected",
                  "version": "3.0.91"
                },
                {
                  "status": "affected",
                  "version": "3.0.92"
                },
                {
                  "status": "affected",
                  "version": "3.0.93"
                },
                {
                  "status": "affected",
                  "version": "3.0.94"
                },
                {
                  "status": "affected",
                  "version": "3.0.95"
                },
                {
                  "status": "affected",
                  "version": "3.0.96"
                },
                {
                  "status": "affected",
                  "version": "3.0.97"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Eric-f (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the component provider-utils. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-17T22:45:09.929Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-364393 | vercel ai provider-utils download-blob.ts validateDownloadUrl server-side request forgery",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/364393"
            },
            {
              "name": "VDB-364393 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/364393/cti"
            },
            {
              "name": "Submit #811404 | vercel ai @ai-sdk/amazon-bedrock@3.0.97 Server-Side Request Forgery (SSRF) (CWE-918)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/811404"
            },
            {
              "name": "Submit #811405 | vercel ai @ai-sdk/amazon-bedrock@3.0.97 Server-Side Request Forgery (SSRF) (CWE-918) (Duplicate)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/811405"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://gist.github.com/YLChen-007/07d149bd68adbee58165b4207a2abc71"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gist.github.com/YLChen-007/cf7e47e4dda392f474ca77a66d1d847f"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-05-17T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-05-17T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-05-17T11:33:13.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vercel ai provider-utils download-blob.ts validateDownloadUrl server-side request forgery"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-8768",
        "datePublished": "2026-05-17T22:45:09.929Z",
        "dateReserved": "2026-05-17T09:28:06.447Z",
        "dateUpdated": "2026-05-18T10:41:00.465Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-8767 (GCVE-0-2026-8767)

    Vulnerability from cvelistv5 – Published: 2026-05-17 22:30 – Updated: 2026-05-18 14:30
    VLAI
    Title
    vercel ai PR Branch Name Interpolation prettier-on-automerge.yml run os command injection
    Summary
    A vulnerability has been found in vercel ai up to 3.0.97. Impacted is the function run of the file .github/workflows/prettier-on-automerge.yml of the component PR Branch Name Interpolation. The manipulation leads to os command injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/364392 vdb-entry, technical-description
    https://vuldb.com/vuln/364392/cti signature, permissions-required
    https://vuldb.com/submit/811402 third-party-advisory
    https://gist.github.com/YLChen-007/870bd6966cd847… exploit
    Impacted products
    Vendor Product Version
    vercel ai Affected: 3.0.0
    Affected: 3.0.1
    Affected: 3.0.2
    Affected: 3.0.3
    Affected: 3.0.4
    Affected: 3.0.5
    Affected: 3.0.6
    Affected: 3.0.7
    Affected: 3.0.8
    Affected: 3.0.9
    Affected: 3.0.10
    Affected: 3.0.11
    Affected: 3.0.12
    Affected: 3.0.13
    Affected: 3.0.14
    Affected: 3.0.15
    Affected: 3.0.16
    Affected: 3.0.17
    Affected: 3.0.18
    Affected: 3.0.19
    Affected: 3.0.20
    Affected: 3.0.21
    Affected: 3.0.22
    Affected: 3.0.23
    Affected: 3.0.24
    Affected: 3.0.25
    Affected: 3.0.26
    Affected: 3.0.27
    Affected: 3.0.28
    Affected: 3.0.29
    Affected: 3.0.30
    Affected: 3.0.31
    Affected: 3.0.32
    Affected: 3.0.33
    Affected: 3.0.34
    Affected: 3.0.35
    Affected: 3.0.36
    Affected: 3.0.37
    Affected: 3.0.38
    Affected: 3.0.39
    Affected: 3.0.40
    Affected: 3.0.41
    Affected: 3.0.42
    Affected: 3.0.43
    Affected: 3.0.44
    Affected: 3.0.45
    Affected: 3.0.46
    Affected: 3.0.47
    Affected: 3.0.48
    Affected: 3.0.49
    Affected: 3.0.50
    Affected: 3.0.51
    Affected: 3.0.52
    Affected: 3.0.53
    Affected: 3.0.54
    Affected: 3.0.55
    Affected: 3.0.56
    Affected: 3.0.57
    Affected: 3.0.58
    Affected: 3.0.59
    Affected: 3.0.60
    Affected: 3.0.61
    Affected: 3.0.62
    Affected: 3.0.63
    Affected: 3.0.64
    Affected: 3.0.65
    Affected: 3.0.66
    Affected: 3.0.67
    Affected: 3.0.68
    Affected: 3.0.69
    Affected: 3.0.70
    Affected: 3.0.71
    Affected: 3.0.72
    Affected: 3.0.73
    Affected: 3.0.74
    Affected: 3.0.75
    Affected: 3.0.76
    Affected: 3.0.77
    Affected: 3.0.78
    Affected: 3.0.79
    Affected: 3.0.80
    Affected: 3.0.81
    Affected: 3.0.82
    Affected: 3.0.83
    Affected: 3.0.84
    Affected: 3.0.85
    Affected: 3.0.86
    Affected: 3.0.87
    Affected: 3.0.88
    Affected: 3.0.89
    Affected: 3.0.90
    Affected: 3.0.91
    Affected: 3.0.92
    Affected: 3.0.93
    Affected: 3.0.94
    Affected: 3.0.95
    Affected: 3.0.96
    Affected: 3.0.97
        cpe:2.3:a:vercel:ai:*:*:*:*:*:*:*:*
    Credits
    Eric-d (VulDB User) VulDB CNA Team

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-8767",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-18T14:30:43.479216Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-18T14:30:55.942Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:vercel:ai:*:*:*:*:*:*:*:*"
              ],
              "modules": [
                "PR Branch Name Interpolation"
              ],
              "product": "ai",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.1"
                },
                {
                  "status": "affected",
                  "version": "3.0.2"
                },
                {
                  "status": "affected",
                  "version": "3.0.3"
                },
                {
                  "status": "affected",
                  "version": "3.0.4"
                },
                {
                  "status": "affected",
                  "version": "3.0.5"
                },
                {
                  "status": "affected",
                  "version": "3.0.6"
                },
                {
                  "status": "affected",
                  "version": "3.0.7"
                },
                {
                  "status": "affected",
                  "version": "3.0.8"
                },
                {
                  "status": "affected",
                  "version": "3.0.9"
                },
                {
                  "status": "affected",
                  "version": "3.0.10"
                },
                {
                  "status": "affected",
                  "version": "3.0.11"
                },
                {
                  "status": "affected",
                  "version": "3.0.12"
                },
                {
                  "status": "affected",
                  "version": "3.0.13"
                },
                {
                  "status": "affected",
                  "version": "3.0.14"
                },
                {
                  "status": "affected",
                  "version": "3.0.15"
                },
                {
                  "status": "affected",
                  "version": "3.0.16"
                },
                {
                  "status": "affected",
                  "version": "3.0.17"
                },
                {
                  "status": "affected",
                  "version": "3.0.18"
                },
                {
                  "status": "affected",
                  "version": "3.0.19"
                },
                {
                  "status": "affected",
                  "version": "3.0.20"
                },
                {
                  "status": "affected",
                  "version": "3.0.21"
                },
                {
                  "status": "affected",
                  "version": "3.0.22"
                },
                {
                  "status": "affected",
                  "version": "3.0.23"
                },
                {
                  "status": "affected",
                  "version": "3.0.24"
                },
                {
                  "status": "affected",
                  "version": "3.0.25"
                },
                {
                  "status": "affected",
                  "version": "3.0.26"
                },
                {
                  "status": "affected",
                  "version": "3.0.27"
                },
                {
                  "status": "affected",
                  "version": "3.0.28"
                },
                {
                  "status": "affected",
                  "version": "3.0.29"
                },
                {
                  "status": "affected",
                  "version": "3.0.30"
                },
                {
                  "status": "affected",
                  "version": "3.0.31"
                },
                {
                  "status": "affected",
                  "version": "3.0.32"
                },
                {
                  "status": "affected",
                  "version": "3.0.33"
                },
                {
                  "status": "affected",
                  "version": "3.0.34"
                },
                {
                  "status": "affected",
                  "version": "3.0.35"
                },
                {
                  "status": "affected",
                  "version": "3.0.36"
                },
                {
                  "status": "affected",
                  "version": "3.0.37"
                },
                {
                  "status": "affected",
                  "version": "3.0.38"
                },
                {
                  "status": "affected",
                  "version": "3.0.39"
                },
                {
                  "status": "affected",
                  "version": "3.0.40"
                },
                {
                  "status": "affected",
                  "version": "3.0.41"
                },
                {
                  "status": "affected",
                  "version": "3.0.42"
                },
                {
                  "status": "affected",
                  "version": "3.0.43"
                },
                {
                  "status": "affected",
                  "version": "3.0.44"
                },
                {
                  "status": "affected",
                  "version": "3.0.45"
                },
                {
                  "status": "affected",
                  "version": "3.0.46"
                },
                {
                  "status": "affected",
                  "version": "3.0.47"
                },
                {
                  "status": "affected",
                  "version": "3.0.48"
                },
                {
                  "status": "affected",
                  "version": "3.0.49"
                },
                {
                  "status": "affected",
                  "version": "3.0.50"
                },
                {
                  "status": "affected",
                  "version": "3.0.51"
                },
                {
                  "status": "affected",
                  "version": "3.0.52"
                },
                {
                  "status": "affected",
                  "version": "3.0.53"
                },
                {
                  "status": "affected",
                  "version": "3.0.54"
                },
                {
                  "status": "affected",
                  "version": "3.0.55"
                },
                {
                  "status": "affected",
                  "version": "3.0.56"
                },
                {
                  "status": "affected",
                  "version": "3.0.57"
                },
                {
                  "status": "affected",
                  "version": "3.0.58"
                },
                {
                  "status": "affected",
                  "version": "3.0.59"
                },
                {
                  "status": "affected",
                  "version": "3.0.60"
                },
                {
                  "status": "affected",
                  "version": "3.0.61"
                },
                {
                  "status": "affected",
                  "version": "3.0.62"
                },
                {
                  "status": "affected",
                  "version": "3.0.63"
                },
                {
                  "status": "affected",
                  "version": "3.0.64"
                },
                {
                  "status": "affected",
                  "version": "3.0.65"
                },
                {
                  "status": "affected",
                  "version": "3.0.66"
                },
                {
                  "status": "affected",
                  "version": "3.0.67"
                },
                {
                  "status": "affected",
                  "version": "3.0.68"
                },
                {
                  "status": "affected",
                  "version": "3.0.69"
                },
                {
                  "status": "affected",
                  "version": "3.0.70"
                },
                {
                  "status": "affected",
                  "version": "3.0.71"
                },
                {
                  "status": "affected",
                  "version": "3.0.72"
                },
                {
                  "status": "affected",
                  "version": "3.0.73"
                },
                {
                  "status": "affected",
                  "version": "3.0.74"
                },
                {
                  "status": "affected",
                  "version": "3.0.75"
                },
                {
                  "status": "affected",
                  "version": "3.0.76"
                },
                {
                  "status": "affected",
                  "version": "3.0.77"
                },
                {
                  "status": "affected",
                  "version": "3.0.78"
                },
                {
                  "status": "affected",
                  "version": "3.0.79"
                },
                {
                  "status": "affected",
                  "version": "3.0.80"
                },
                {
                  "status": "affected",
                  "version": "3.0.81"
                },
                {
                  "status": "affected",
                  "version": "3.0.82"
                },
                {
                  "status": "affected",
                  "version": "3.0.83"
                },
                {
                  "status": "affected",
                  "version": "3.0.84"
                },
                {
                  "status": "affected",
                  "version": "3.0.85"
                },
                {
                  "status": "affected",
                  "version": "3.0.86"
                },
                {
                  "status": "affected",
                  "version": "3.0.87"
                },
                {
                  "status": "affected",
                  "version": "3.0.88"
                },
                {
                  "status": "affected",
                  "version": "3.0.89"
                },
                {
                  "status": "affected",
                  "version": "3.0.90"
                },
                {
                  "status": "affected",
                  "version": "3.0.91"
                },
                {
                  "status": "affected",
                  "version": "3.0.92"
                },
                {
                  "status": "affected",
                  "version": "3.0.93"
                },
                {
                  "status": "affected",
                  "version": "3.0.94"
                },
                {
                  "status": "affected",
                  "version": "3.0.95"
                },
                {
                  "status": "affected",
                  "version": "3.0.96"
                },
                {
                  "status": "affected",
                  "version": "3.0.97"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Eric-d (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in vercel ai up to 3.0.97. Impacted is the function run of the file .github/workflows/prettier-on-automerge.yml of the component PR Branch Name Interpolation. The manipulation leads to os command injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "OS Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-17T22:30:09.659Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-364392 | vercel ai PR Branch Name Interpolation prettier-on-automerge.yml run os command injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/vuln/364392"
            },
            {
              "name": "VDB-364392 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/364392/cti"
            },
            {
              "name": "Submit #811402 | vercel ai @ai-sdk/amazon-bedrock@3.0.97 OS Command Injection (CWE-78)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/811402"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gist.github.com/YLChen-007/870bd6966cd84703d91ce54dfea3bdd0"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-05-17T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-05-17T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-05-17T11:33:11.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vercel ai PR Branch Name Interpolation prettier-on-automerge.yml run os command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-8767",
        "datePublished": "2026-05-17T22:30:09.659Z",
        "dateReserved": "2026-05-17T09:28:03.647Z",
        "dateUpdated": "2026-05-18T14:30:55.942Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-45773 (GCVE-0-2026-45773)

    Vulnerability from cvelistv5 – Published: 2026-05-15 15:51 – Updated: 2026-05-15 16:45
    VLAI
    Title
    Turborepo: Login callback CSRF/session fixation
    Summary
    Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14, Turborepo's self-hosted login and SSO browser flows did not validate a CSRF state value on the localhost callback. While the CLI was waiting for authentication, a malicious web page could send a request to the local callback server with an attacker-controlled token. If accepted before the legitimate callback, the CLI could complete login with the wrong credentials. This affects users authenticating the turbo CLI against self-hosted remote cache/auth endpoints. Vercel-hosted login flows using device authorization are not affected. This vulnerability is fixed in 2.9.14.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-352 - Cross-Site Request Forgery (CSRF)
    • CWE-384 - Session Fixation
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel turborepo Affected: < 2.9.14

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45773",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T16:44:57.841414Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T16:45:06.076Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "turborepo",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.9.14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14, Turborepo\u0027s self-hosted login and SSO browser flows did not validate a CSRF state value on the localhost callback. While the CLI was waiting for authentication, a malicious web page could send a request to the local callback server with an attacker-controlled token. If accepted before the legitimate callback, the CLI could complete login with the wrong credentials. This affects users authenticating the turbo CLI against self-hosted remote cache/auth endpoints. Vercel-hosted login flows using device authorization are not affected. This vulnerability is fixed in 2.9.14."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "PASSIVE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:H/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-352",
                  "description": "CWE-352: Cross-Site Request Forgery (CSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-384",
                  "description": "CWE-384: Session Fixation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T15:51:38.066Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/turborepo/security/advisories/GHSA-hcf7-66rw-9f5r",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/turborepo/security/advisories/GHSA-hcf7-66rw-9f5r"
            }
          ],
          "source": {
            "advisory": "GHSA-hcf7-66rw-9f5r",
            "discovery": "UNKNOWN"
          },
          "title": "Turborepo: Login callback CSRF/session fixation"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-45773",
        "datePublished": "2026-05-15T15:51:38.066Z",
        "dateReserved": "2026-05-13T07:45:21.251Z",
        "dateUpdated": "2026-05-15T16:45:06.076Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-46508 (GCVE-0-2026-46508)

    Vulnerability from cvelistv5 – Published: 2026-05-15 15:50 – Updated: 2026-05-15 18:05
    VLAI
    Title
    Turborepo: VSCode Extension command injection
    Summary
    Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14000, the Turborepo LSP VS Code extension could execute shell commands derived from workspace-controlled values. The extension used string-based command execution for Turborepo daemon commands and task runs. A malicious workspace could provide crafted values through workspace settings or task names in the repository's source code that were interpolated into shell commands. When the extension activated or when a user ran a task through the extension, those values could be interpreted by the user's shell, allowing arbitrary command execution with the privileges of the local VS Code process. This vulnerability is fixed in 2.9.14000.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel turborepo Affected: < 2.9.14000

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-46508",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T18:01:21.787180Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T18:05:01.165Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "turborepo",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.9.14000"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14000, the Turborepo LSP VS Code extension could execute shell commands derived from workspace-controlled values. The extension used string-based command execution for Turborepo daemon commands and task runs. A malicious workspace could provide crafted values through workspace settings or task names in the repository\u0027s source code that were interpolated into shell commands. When the extension activated or when a user ran a task through the extension, those values could be interpreted by the user\u0027s shell, allowing arbitrary command execution with the privileges of the local VS Code process. This vulnerability is fixed in 2.9.14000."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.4,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T15:50:24.694Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/turborepo/security/advisories/GHSA-5xc8-49mv-x4mm",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/turborepo/security/advisories/GHSA-5xc8-49mv-x4mm"
            }
          ],
          "source": {
            "advisory": "GHSA-5xc8-49mv-x4mm",
            "discovery": "UNKNOWN"
          },
          "title": "Turborepo: VSCode Extension command injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-46508",
        "datePublished": "2026-05-15T15:50:24.694Z",
        "dateReserved": "2026-05-14T19:12:32.754Z",
        "dateUpdated": "2026-05-15T18:05:01.165Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-45772 (GCVE-0-2026-45772)

    Vulnerability from cvelistv5 – Published: 2026-05-15 15:45 – Updated: 2026-05-15 17:54
    VLAI
    Title
    Turborepo: Unexpected local code execution during Yarn Berry detection
    Summary
    Turborepo is a high-performance build system for JavaScript and TypeScript codebases. From 1.1.0 to before 2.9.14, Turborepo can be vulnerable to arbitrary code execution when run in untrusted repositories that contain malicious Yarn configuration. In affected versions, package manager detection executed yarn --version from the project directory, which could cause Yarn to load and execute a project-controlled yarnPath from .yarnrc.yml. An attacker who controls repository contents could cause code execution when a user or CI system runs affected turbo, @turbo/codemod, or @turbo/workspace conversion commands. This vulnerability is fixed in 2.9.14.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel turborepo Affected: >= 1.1.0, < 2.9.14
    @turbo codemod Affected: >= 2.3.4, < 2.9.14
    @turbo workspaces Affected: >= 2.3.4, < 2.9.14

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45772",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-15T17:53:36.882524Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-15T17:54:06.401Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "turborepo",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.1.0, \u003c 2.9.14"
                }
              ]
            },
            {
              "product": "codemod",
              "vendor": "@turbo",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.3.4, \u003c 2.9.14"
                }
              ]
            },
            {
              "product": "workspaces",
              "vendor": "@turbo",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 2.3.4, \u003c 2.9.14"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Turborepo is a high-performance build system for JavaScript and TypeScript codebases. From 1.1.0 to before 2.9.14, Turborepo can be vulnerable to arbitrary code execution when run in untrusted repositories that contain malicious Yarn configuration. In affected versions, package manager detection executed yarn --version from the project directory, which could cause Yarn to load and execute a project-controlled yarnPath from .yarnrc.yml. An attacker who controls repository contents could cause code execution when a user or CI system runs affected turbo, @turbo/codemod, or @turbo/workspace conversion commands. This vulnerability is fixed in 2.9.14."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 0,
                "baseSeverity": "NONE",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-426",
                  "description": "CWE-426: Untrusted Search Path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-15T15:47:12.753Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/turborepo/security/advisories/GHSA-3qcw-2rhx-2726",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/turborepo/security/advisories/GHSA-3qcw-2rhx-2726"
            }
          ],
          "source": {
            "advisory": "GHSA-3qcw-2rhx-2726",
            "discovery": "UNKNOWN"
          },
          "title": "Turborepo: Unexpected local code execution during Yarn Berry detection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-45772",
        "datePublished": "2026-05-15T15:45:45.252Z",
        "dateReserved": "2026-05-13T07:45:21.251Z",
        "dateUpdated": "2026-05-15T17:54:06.401Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-45109 (GCVE-0-2026-45109)

    Vulnerability from cvelistv5 – Published: 2026-05-13 17:11 – Updated: 2026-07-03 12:04
    VLAI
    Title
    Next.js: Middleware / Proxy bypass in App Router applications via segment-prefetch routes
    Summary
    Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.18 and 16.2.6, it was found that the fix addressing CVE-2026-44575 did not apply to middleware.ts with Turbopack. This vulnerability is fixed in 15.5.18 and 16.2.6.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-288 - Authentication Bypass Using an Alternate Path or Channel
    • CWE-358 - Improperly Implemented Security Check for Standard
    Assigner
    Impacted products

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-45109",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T18:39:20.946868Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-13T18:39:29.674Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Streams for Apache Kafka 2.9.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-13T17:11:07.275Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Next.js. A remote unauthenticated attacker could exploit a bypass in a security fix when using middleware.ts with Turbopack. This vulnerability could lead to the disclosure of sensitive information."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-358",
                    "description": "Improperly Implemented Security Check for Standard",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-03T12:04:46.079Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-45109"
              },
              {
                "name": "RHBZ#2477190",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477190"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-45109.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34608"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-13T18:01:23.402Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-13T17:11:07.275Z",
                "value": "Made public."
              }
            ],
            "title": "next.js: Next.js: Information disclosure via security fix bypass in middleware with Turbopack",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 15.2.0, \u003c 15.5.17"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.18 and 16.2.6, it was found that the fix addressing CVE-2026-44575 did not apply to middleware.ts with Turbopack. This vulnerability is fixed in 15.5.18 and 16.2.6."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-288",
                  "description": "CWE-288: Authentication Bypass Using an Alternate Path or Channel",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:11:07.275Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6"
            }
          ],
          "source": {
            "advisory": "GHSA-26hh-7cqf-hhc6",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Middleware / Proxy bypass in App Router applications via segment-prefetch routes"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-45109",
        "datePublished": "2026-05-13T17:11:07.275Z",
        "dateReserved": "2026-05-08T19:27:26.699Z",
        "dateUpdated": "2026-07-03T12:04:46.079Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44582 (GCVE-0-2026-44582)

    Vulnerability from cvelistv5 – Published: 2026-05-13 17:08 – Updated: 2026-05-14 18:23
    VLAI
    Title
    Next.js: Cache poisoning via collisions in React Server Component cache-busting
    Summary
    Next.js is a React framework for building full-stack web applications. From 13.4.6 to before 15.5.16 and 16.2.5, React Server Component responses can be vulnerable to cache poisoning in deployments that rely on shared caches with insufficient response partitioning. In affected conditions, collisions in the _rsc cache-busting value can allow an attacker to poison cache entries so users receive the wrong response variant for a given URL. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel next.js Affected: >= 13.4.6, < 15.5.16
    Affected: >= 16.0.0, < 16.2.5

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44582",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-14T18:23:45.992881Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-14T18:23:52.729Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 13.4.6, \u003c 15.5.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 13.4.6 to before 15.5.16 and 16.2.5, React Server Component responses can be vulnerable to cache poisoning in deployments that rely on shared caches with insufficient response partitioning. In affected conditions, collisions in the _rsc cache-busting value can allow an attacker to poison cache entries so users receive the wrong response variant for a given URL. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-328",
                  "description": "CWE-328: Use of Weak Hash",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:08:22.240Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-vfv6-92ff-j949"
            }
          ],
          "source": {
            "advisory": "GHSA-vfv6-92ff-j949",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Cache poisoning via collisions in React Server Component cache-busting"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44582",
        "datePublished": "2026-05-13T17:08:22.240Z",
        "dateReserved": "2026-05-06T21:49:12.425Z",
        "dateUpdated": "2026-05-14T18:23:52.729Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44581 (GCVE-0-2026-44581)

    Vulnerability from cvelistv5 – Published: 2026-05-13 17:07 – Updated: 2026-05-18 14:13
    VLAI
    Title
    Next.js: Cross-site scripting in App Router applications using CSP nonces
    Summary
    Next.js is a React framework for building full-stack web applications. From 13.4.0 to before 15.5.16 and 16.2.5, App Router applications that rely on CSP nonces can be vulnerable to stored cross-site scripting when deployed behind shared caches. In affected versions, malformed nonce values derived from request headers could be reflected into rendered HTML in an unsafe way, allowing an attacker to poison cached responses and cause script execution for later visitors. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel next.js Affected: >= 13.4.0, < 15.5.16
    Affected: >= 16.0.0, < 16.2.5

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44581",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-18T14:12:36.531340Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-18T14:13:33.462Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 13.4.0, \u003c 15.5.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 13.4.0 to before 15.5.16 and 16.2.5, App Router applications that rely on CSP nonces can be vulnerable to stored cross-site scripting when deployed behind shared caches. In affected versions, malformed nonce values derived from request headers could be reflected into rendered HTML in an unsafe way, allowing an attacker to poison cached responses and cause script execution for later visitors. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:07:15.845Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-ffhc-5mcf-pf4q"
            }
          ],
          "source": {
            "advisory": "GHSA-ffhc-5mcf-pf4q",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Cross-site scripting in App Router applications using CSP nonces"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44581",
        "datePublished": "2026-05-13T17:07:15.845Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-05-18T14:13:33.462Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44580 (GCVE-0-2026-44580)

    Vulnerability from cvelistv5 – Published: 2026-05-13 17:06 – Updated: 2026-05-13 18:28
    Title
    Next.js: Cross-site scripting in beforeInteractive scripts with untrusted input
    Summary
    Next.js is a React framework for building full-stack web applications. From 13.0.0 to before 15.5.16 and 16.2.5, applications that use beforeInteractive scripts together with untrusted content can be vulnerable to cross-site scripting. In affected versions, serialized script content was not escaped safely before being embedded into the document, which could allow attacker-controlled input to break out of the intended script context and execute arbitrary JavaScript in a visitor's browser. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    Assigner
    References
    Impacted products
    Vendor Product Version
    vercel next.js Affected: >= 13.0.0, < 15.5.16
    Affected: >= 16.0.0, < 16.2.5

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44580",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T18:28:00.345033Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-13T18:28:15.512Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 13.0.0, \u003c 15.5.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 13.0.0 to before 15.5.16 and 16.2.5, applications that use beforeInteractive scripts together with untrusted content can be vulnerable to cross-site scripting. In affected versions, serialized script content was not escaped safely before being embedded into the document, which could allow attacker-controlled input to break out of the intended script context and execute arbitrary JavaScript in a visitor\u0027s browser. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:06:05.772Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-gx5p-jg67-6x7h"
            }
          ],
          "source": {
            "advisory": "GHSA-gx5p-jg67-6x7h",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Cross-site scripting in beforeInteractive scripts with untrusted input"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44580",
        "datePublished": "2026-05-13T17:06:05.772Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-05-13T18:28:15.512Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44579 (GCVE-0-2026-44579)

    Vulnerability from cvelistv5 – Published: 2026-05-13 17:04 – Updated: 2026-07-03 12:04
    Title
    Next.js: Denial of Service via connection exhaustion in applications using Cache Components
    Summary
    Next.js is a React framework for building full-stack web applications. From to before 15.5.16 and 16.2.5, applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST requests to a server action. In affected configurations, a malicious request can trigger a request-body handling deadlock that leaves connections open for an extended period, consuming file descriptors and server capacity until legitimate users are denied service. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling
    • CWE-833 - Deadlock
    Assigner
    Impacted products

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44579",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-14T15:33:46.047159Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-14T15:33:59.145Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Streams for Apache Kafka 2.9.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-13T17:04:28.388Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Next.js. Applications utilizing Partial Prerendering via the Cache Components feature are susceptible to connection exhaustion. A remote attacker can send crafted POST requests to a server action, triggering a request-body handling deadlock. This leaves connections open, consuming server resources and ultimately leading to a Denial of Service (DoS) for legitimate users."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-833",
                    "description": "Deadlock",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-03T12:04:46.673Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-44579"
              },
              {
                "name": "RHBZ#2477193",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477193"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44579.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34608"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-13T18:01:32.406Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-13T17:04:28.388Z",
                "value": "Made public."
              }
            ],
            "title": "next.js: Next.js: Denial of Service via crafted POST requests to server actions",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 15.0.0, \u003c 15.5.16"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From  to before 15.5.16 and 16.2.5, applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST requests to a server action. In affected configurations, a malicious request can trigger a request-body handling deadlock that leaves connections open for an extended period, consuming file descriptors and server capacity until legitimate users are denied service. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:04:28.388Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx"
            }
          ],
          "source": {
            "advisory": "GHSA-mg66-mrh9-m8jx",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Denial of Service via connection exhaustion in applications using Cache Components"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44579",
        "datePublished": "2026-05-13T17:04:28.388Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-07-03T12:04:46.673Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44578 (GCVE-0-2026-44578)

    Vulnerability from cvelistv5 – Published: 2026-05-13 17:01 – Updated: 2026-07-03 12:04
    Title
    Next.js: Server-side request forgery in applications using WebSocket upgrades
    Summary
    Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in Node.js server can be vulnerable to server-side request forgery through crafted WebSocket upgrade requests. An attacker can cause the server to proxy requests to arbitrary internal or external destinations, which may expose internal services or cloud metadata endpoints. Vercel-hosted deployments are not affected. This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    Impacted products

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44578",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-13T18:09:06.506507Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-13T18:19:41.524Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Streams for Apache Kafka 2.9.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-13T17:01:38.942Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Next.js. Self-hosted applications utilizing the built-in Node.js server are vulnerable to Server-Side Request Forgery (SSRF) through specially crafted WebSocket upgrade requests. A remote attacker can exploit this by causing the server to proxy requests to arbitrary internal or external destinations. This could lead to the exposure of internal services or sensitive cloud metadata endpoints."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 8.6,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "CHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-918",
                    "description": "Server-Side Request Forgery (SSRF)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-03T12:04:46.954Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-44578"
              },
              {
                "name": "RHBZ#2477187",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477187"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44578.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34608"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-13T18:01:13.729Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-13T17:01:38.942Z",
                "value": "Made public."
              }
            ],
            "title": "Next.js: Next.js: Server-Side Request Forgery via crafted WebSocket upgrade requests",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 13.4.13, \u003c 15.5.16"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in Node.js server can be vulnerable to server-side request forgery through crafted WebSocket upgrade requests. An attacker can cause the server to proxy requests to arbitrary internal or external destinations, which may expose internal services or cloud metadata endpoints. Vercel-hosted deployments are not affected. This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "CWE-918: Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:01:38.942Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r"
            }
          ],
          "source": {
            "advisory": "GHSA-c4j6-fc7j-m34r",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Server-side request forgery in applications using WebSocket upgrades"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44578",
        "datePublished": "2026-05-13T17:01:38.942Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-07-03T12:04:46.954Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44577 (GCVE-0-2026-44577)

    Vulnerability from cvelistv5 – Published: 2026-05-13 17:00 – Updated: 2026-07-03 12:04
    Title
    Next.js: Denial of Service in the Image Optimization API
    Summary
    Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could cause out-of-memory conditions by requesting large local assets from the /_next/image endpoint that match the images.localPatterns configuration (by default, all patterns are allowed). This vulnerability is fixed in 15.5.16 and 16.2.5.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44577",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-14T18:33:40.553243Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-14T18:33:46.473Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:2.9::el9"
                ],
                "defaultStatus": "affected",
                "product": "Streams for Apache Kafka 2.9.4",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:enterprise_linux_ai:3"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:trusted_artifact_signer:1"
                ],
                "defaultStatus": "affected",
                "product": "Red Hat Trusted Artifact Signer",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/a:redhat:amq_streams:3"
                ],
                "defaultStatus": "affected",
                "product": "streams for Apache Kafka 3",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:10"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 10",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:7"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 7",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:8"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 8",
                "vendor": "Red Hat"
              },
              {
                "cpes": [
                  "cpe:/o:redhat:enterprise_linux:9"
                ],
                "defaultStatus": "unaffected",
                "product": "Red Hat Enterprise Linux 9",
                "vendor": "Red Hat"
              }
            ],
            "datePublic": "2026-05-13T17:00:02.786Z",
            "descriptions": [
              {
                "lang": "en",
                "value": "A flaw was found in Next.js. When self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. A remote attacker could exploit this by requesting large local assets from the /_next/image endpoint. This can lead to out-of-memory conditions, resulting in a Denial of Service (DoS) for the application."
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "namespace": "https://access.redhat.com/security/updates/classification/",
                    "value": "Important"
                  },
                  "type": "Red Hat severity rating"
                }
              },
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                },
                "format": "CVSS"
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-770",
                    "description": "Allocation of Resources Without Limits or Throttling",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-03T12:04:47.244Z",
              "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
              "shortName": "redhat-SADP"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/security/cve/CVE-2026-44577"
              },
              {
                "name": "RHBZ#2477194",
                "tags": [
                  "issue-tracking",
                  "x_refsource_REDHAT"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477194"
              },
              {
                "tags": [
                  "x_sadp-csaf-vex"
                ],
                "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44577.json"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2026:34608"
              }
            ],
            "solutions": [
              {
                "lang": "en",
                "value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-05-13T18:01:35.713Z",
                "value": "Reported to Red Hat."
              },
              {
                "lang": "en",
                "time": "2026-05-13T17:00:02.786Z",
                "value": "Made public."
              }
            ],
            "title": "Next.js: Next.js: Denial of Service via Image Optimization API",
            "workarounds": [
              {
                "lang": "en",
                "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
              }
            ],
            "x_adpType": "supplier",
            "x_generator": {
              "engine": "sadp-cli 1.0.0"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "next.js",
              "vendor": "vercel",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 10.0.0, \u003c 15.5.16"
                },
                {
                  "status": "affected",
                  "version": "\u003e= 16.0.0, \u003c 16.2.5"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. An attacker could cause out-of-memory conditions by requesting large local assets from the /_next/image endpoint that match the images.localPatterns configuration (by default, all patterns are allowed). This vulnerability is fixed in 15.5.16 and 16.2.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-13T17:00:02.786Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh"
            }
          ],
          "source": {
            "advisory": "GHSA-h64f-5h5j-jqjh",
            "discovery": "UNKNOWN"
          },
          "title": "Next.js: Denial of Service in the Image Optimization API"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44577",
        "datePublished": "2026-05-13T17:00:02.786Z",
        "dateReserved": "2026-05-06T21:49:12.424Z",
        "dateUpdated": "2026-07-03T12:04:47.244Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }